In the Android logging framework, the settings to control data masking and blocking and the fields to use to specify what is controlled are available in the TLFConfigurableItems.properties
file.
The same method of blocking or masking is applied to all items configured to be controlled. You cannot specify multiple methods of blocking or masking.
Default privacy configuration for Android
In the default TLFConfigurableItems.properties
file, the privacy configuration settings are specified to mask data:
#Masking settings
HasMasking=true
MaskIdList=com.tealeaf.sp:id\/EditText*,com.tealeaf.sp:id\/login.password
HasCustomMask=true
SensitiveSmallCaseAlphabet=x
SensitiveCapitalCaseAlphabet=X
SensitiveSymbol=#
SensitiveNumber=9
In the configuration, privacy in Android is defined as follows:
- Since
HasMasking=true
, privacy is enabled. - Since
HasCustomMask=true
, a custom mask is applied. So, data masking is enabled. If it was false, then it would use blocking. - The masking characters are defined in the
Sensitive
settings.
The list of fields in the response data to which to apply the mask is defined in the MaskIdList
, where fields are delineated by a comma. In the default configuration, there are two fields, defined by using regular expressions.
com.tealeaf.sp:id\/EditText*
- For the specified namespace, privacy masking is applied to all fields whose
id
includes/EditText
. For Android applications, this configuration applies privacy to all fields where text is entered, which is the safest, most conservative privacy configuration. com.tealeaf.sp:id\/login.password
- For the specified namespace, privacy masking is applied any field that includes
/login.password
, which might correspond to the identifier for the password field in your application.
The value before the colon in each regular expression (com.tealeaf.sp
) identifies the namespace to which the regular expression is applied.
You can use these configuration settings or modify them to meet the requirements for your application. The following sections describe data blocking and data masking in general, and examples are provided later in the section.
Configure data blocking
TLFConfigurableItems.properties
file:
HasMasking
- Set this value to
true
. MaskIdList
- Comma-delimited ids or regular expressions to find ids.
HasCustomMask
- Set this value to
false
. SensitiveSmallCaseAlphabet
- Do not specify a value.
SensitiveCapitalCaseAlphabet
- Do not specify a value.
SensitiveSymbol
- Do not specify a value.
SensitiveNumber
- Do not specify a value.
When the HasCustomMask
setting is set to false
, the masking function returns an empty string, which is inserted in place of the value to be masked.
Configure masking
HasCustomMask
to true
and augment the example configuration with the masking characters. These values are set in the TLFConfigurableItems.properties
file:
HasMasking
- Set this value to
true
. MaskIdList
- Comma-delimited ids or regular expressions to find ids.
HasCustomMask
- Set this value to
false
. SensitiveSmallCaseAlphabet
- This single value specifies the masking character that is applied to lowercase letters. It can be any string value.
SensitiveCapitalCaseAlphabet
- This single value specifies the masking character that is applied to uppercase letters. It can be any string value.
SensitiveSymbol
- This single value specifies the masking character that is applied to symbol characters. It can be any string value.
SensitiveNumber
- This single value specifies the masking character that is applied to numerals. It can be any string value.