NAME

String::Redactable - A string that automatically redacts itself

SYNOPSIS

    use v5.10;   # for say
    use String::Redactable;

    my $string = String::Redactable->new( $sensitive_text );

    say $string;                 # '<redacted string>'
    say $string->to_str_unsafe;  # unredacted text

DESCRIPTION

String::Redactable tries to prevent you from accidentally exposing a sensitive string, such as a password, in a larger string, such as a log message or data dump.

When you carelessly use this as a simple string, you get back the literal string *redacted data*. To get the actual string, you call to_str_unsafe:

    $password->to_str_unsafe;

This is not designed to completely protect the sensitive data from prying eyes. The stored value is simply the UTF-8 encoded version of the string, XOR-ed with an object-specific key that is not stored with the object. All of that is undone by to_str_unsafe.

Beyond that, this module uses overload and other tricks to prevent the actual string from showing up in output and other strings.

Notes on serializers

String::Redactable objects resist serialization to the best of their ability. At worst, the serialization shows the internal string for the object, which does not expose the key used to XOR the UTF-8 encoded string.

Since the XOR keys are not stored in the object (and those keys are removed when the object goes out of scope), these values cannot be serialized and re-inflated. But, that's what you want.

  • Data::Dumper - cannot use $Data::Dump::Freezer because that requires the

  • Storable -

  • JSON modules - this supports TO_JSON

  • YAML -
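
The masking approach and serializer behavior described above, as an added sketch that is not String::Redactable's own source. Local::MaskedString, the %key_for hash, and the placeholder text are hypothetical names chosen for this illustration, and the key comes from Perl's rand, which only suits the accidental-exposure goal stated in the description.

```perl
use v5.14;
use strict;
use warnings;

package Local::MaskedString {    # hypothetical class for illustration only
    use Encode       qw(encode decode);
    use Scalar::Util qw(refaddr);
    use overload
        '""'     => sub { $_[0]->placeholder },   # any string use yields the placeholder
        fallback => 1;

    my %key_for;   # lexical to this block: not in any object, not a package variable

    sub placeholder { '<masked>' }   # constructed placeholder text for this sketch

    sub new {
        my( $class, $string ) = @_;
        my $bytes = encode( 'UTF-8', $string );
        # One random key byte per data byte. rand is not a CSPRNG.
        my $key  = join '', map { chr int rand 256 } 1 .. length $bytes;
        my $self = bless \( my $masked = $bytes ^ $key ), $class;
        $key_for{ refaddr $self } = $key;   # the key is tracked by address, outside the object
        return $self;
    }

    sub to_str_unsafe {
        my( $self ) = @_;
        return decode( 'UTF-8', $$self ^ $key_for{ refaddr $self } );
    }

    sub TO_JSON { $_[0]->placeholder }                  # for serializers that honor TO_JSON
    sub DESTROY { delete $key_for{ refaddr $_[0] } }    # the key goes away with the object
}

use Data::Dumper;
use JSON::PP;

my $password = Local::MaskedString->new( 'correct horse' );   # constructed sample value

say "login with $password";                                          # interpolation
say JSON::PP->new->convert_blessed->encode( { pw => $password } );   # TO_JSON path
# A raw dump reaches the object's internals, which hold only the XOR-ed bytes.
say Dumper( $password ) =~ /correct horse/ ? 'dump leaked' : 'dump shows masked bytes only';
say $password->to_str_unsafe;                                        # deliberate access
```

Because the key exists only in the running process, a dumped or frozen copy of such an object cannot be re-inflated into the original string.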

Methods

new
new( STRING )

Creates an object that hides that string by XOR-ing it with another string that is not stored in the object, and is not a package variable.

This does not mean that the original string can't be recovered in other ways if someone wanted to try hard enough, but it keeps you from unintentionally dumping it into output where it shouldn't be.

placeholder

The value that is substituted for the actual string.

STORABLE_freeze

Redact strings used in Storable.

TO_JSON

Redact the string in serializers that respect TO_JSON.

to_str_unsafe

Returns the string that you are trying to hide.

TO DO

SEE ALSO

SOURCE AVAILABILITY

This source is on GitHub:

http://github.com/briandfoy/string-redactable

AUTHOR

brian d foy, <briandfoy@pobox.com>

COPYRIGHT AND LICENSE

Copyright © 2025-2026, brian d foy, All Rights Reserved.

You may redistribute this under the terms of the Artistic License 2.0.