Overview

API Versioning

Deprecated

dw.net

Class HTTPClientLoggingConfig

Object

dw.net.HTTPClientLoggingConfig

Script API for configuring HTTP client logging and sensitive data redaction.

This class provides a customer-facing interface for configuring HTTP client logging behavior, including enabling/disabling logging, setting log levels, and defining sensitive fields that should be redacted from HTTP request and response bodies.

Security Note: This class handles sensitive security-related data and logging configuration. Pay special attention to PCI DSS requirements when configuring sensitive field redaction to ensure proper data protection. Sensitive Fields of appropriate types MUST be set else logging will be skipped.

Usage Example:

 var config = new dw.net.HTTPClientLoggingConfig();
 // Enable logging and set level
 config.setEnabled(true);
 config.setLevel("INFO");
 // Configure sensitive JSON fields
 config.setSensitiveJsonFields(["password", "creditCard", "ssn"]);
 // Configure sensitive XML fields
 config.setSensitiveXmlFields(["password", "creditCard", "ssn"]);
 // Configure sensitive headers
 config.setSensitiveHeaders(["authorization", "x-api-key", "cookie"]);
 // Configure sensitive body fields (for form data)
 config.setSensitiveBodyFields(["password", "creditCard", "ssn"]);
 // Configure text patterns for plain text/HTML content
 config.setSensitiveTextPatterns([["password\\s*=\\s*[^\\s&]+"]]);
 

Content Type Support:

• JSON: Use setSensitiveJsonFields() to specify field names to redact
• XML: Use setSensitiveXmlFields() to specify element/attribute names to redact
• Form Data: Use setSensitiveBodyFields() to specify parameter names to redact
• Plain Text/HTML: Use setSensitiveTextPatterns() to specify regex patterns
• Binary/Multipart: Entire body is automatically treated as sensitive

Properties

enabled  :  boolean

Gets whether HTTP client logging is enabled.

level  :  String

Gets the current log level for HTTP client logging.

sensitiveBodyFields  :  String[]

Gets the sensitive body fields configured for form data redaction.

sensitiveHeaders  :  String[]

Gets the sensitive headers configured for redaction.

sensitiveJsonFields  :  String[]

Gets the sensitive JSON fields configured for redaction.

sensitiveXmlFields  :  String[]

Gets the sensitive XML fields configured for redaction.

Constructor Summary

HTTPClientLoggingConfig()

Creates a new HTTPClientLoggingConfig instance.

Method Summary

getLevel() : String

Gets the current log level for HTTP client logging.

getSensitiveBodyFields() : String[]

Gets the sensitive body fields configured for form data redaction.

getSensitiveHeaders() : String[]

Gets the sensitive headers configured for redaction.

getSensitiveJsonFields() : String[]

Gets the sensitive JSON fields configured for redaction.

getSensitiveXmlFields() : String[]

Gets the sensitive XML fields configured for redaction.

isEnabled() : boolean

Gets whether HTTP client logging is enabled.

setEnabled(enabled : boolean) : void

Sets whether HTTP client logging is enabled.

setLevel(level : String) : void

Sets the log level for HTTP client logging.

setSensitiveBodyFields(fields : String...) : void

Sets the sensitive body fields that should be redacted from HTTP form data.

setSensitiveHeaders(headers : String...) : void

Sets the sensitive headers that should be redacted from HTTP requests/responses.

setSensitiveJsonFields(fields : String...) : void

Sets the sensitive JSON fields that should be redacted from HTTP request/response bodies.

setSensitiveTextPatterns(patterns : String...) : void

Sets the sensitive text patterns that should be redacted from HTTP request/response bodies.

setSensitiveXmlFields(fields : String...) : void

Sets the sensitive XML fields that should be redacted from HTTP request/response bodies.

Methods inherited from class Object

assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values

Constructor Detail

HTTPClientLoggingConfig

public HTTPClientLoggingConfig()

Creates a new HTTPClientLoggingConfig instance.

The public constructor should only be called from JavaScript, but cfgAPI uses this constructor for creating the Service instance -> so fill the factory here

---

Method Detail

getLevel

getLevel() : String

Gets the current log level for HTTP client logging.

Returns:

the log level as a string (DEBUG, INFO, WARN, ERROR)

---

getSensitiveBodyFields

getSensitiveBodyFields() : String[]

Gets the sensitive body fields configured for form data redaction.

Returns:

an array of field names that will be redacted from form data

---

getSensitiveHeaders

getSensitiveHeaders() : String[]

Gets the sensitive headers configured for redaction.

Returns:

an array of header names that will be redacted

---

getSensitiveJsonFields

getSensitiveJsonFields() : String[]

Gets the sensitive JSON fields configured for redaction.

Returns:

an array of field names that will be redacted from JSON content

---

getSensitiveXmlFields

getSensitiveXmlFields() : String[]

Gets the sensitive XML fields configured for redaction.

Returns:

an array of field names that will be redacted from XML content

---

isEnabled

isEnabled() : boolean

Gets whether HTTP client logging is enabled.

Returns:

true if logging is enabled, false otherwise

---

setEnabled

setEnabled(enabled : boolean) : void

Sets whether HTTP client logging is enabled.

When enabled, HTTP requests and responses will be logged according to the configured log level and sensitive field redaction settings. When disabled, no HTTP logging will occur.

Parameters:

enabled - true to enable logging, false to disable

---

setLevel

setLevel(level : String) : void

Sets the log level for HTTP client logging.

The log level determines the verbosity of HTTP logging output. Available levels:

• DEBUG: Most verbose, includes detailed request/response information
• INFO: Standard level, includes basic request/response details
• WARN: Only logs warnings and errors
• ERROR: Only logs errors

Parameters:

level - the log level (DEBUG, INFO, WARN, ERROR). Case-insensitive.

---

setSensitiveBodyFields

setSensitiveBodyFields(fields : String...) : void

Sets the sensitive body fields that should be redacted from HTTP form data.

When HTTP requests or responses contain form data (application/x-www-form-urlencoded), any parameters matching the specified field names will be redacted with "****FILTERED****" in the logs. Sensitive Field MUST be set else logging will be skipped for form body type Setting with empty array will use default values ["name", "email", "email_address", "ssn", "first_name", "last_name"]

Example:

 config.setSensitiveBodyFields(["fname", "creditCard", "ssn_last_4"]);
 

Parameters:

fields - an array of field names to redact from form data

---

setSensitiveHeaders

setSensitiveHeaders(headers : String...) : void

Sets the sensitive headers that should be redacted from HTTP requests/responses.

Any HTTP headers matching the specified names will be redacted with "****FILTERED****" in the logs. This is useful for protecting sensitive authentication tokens, API keys, and session information. Sensitive Headers MUST be set else logging will be skipped for headers Setting the sensitive headers with empty array will use default values ["authorization", "cookie"]

Example:

 config.setSensitiveHeaders([ "x-api-key", "x-auth-token"]);
 config.setSensiviteHeaders([]);
 

Parameters:

headers - an array of header names to redact

---

setSensitiveJsonFields

setSensitiveJsonFields(fields : String...) : void

Sets the sensitive JSON fields that should be redacted from HTTP request/response bodies.

When HTTP requests or responses contain JSON content, any fields matching the specified names will be redacted with "****FILTERED****" in the logs. Sensitive Field MUST be set else logging will be skipped for JSON body type Setting with empty array will use default values ["name", "email", "email_address", "ssn", "first_name", "last_name", "password"]

Example:

 config.setSensitiveJsonFields(["password", "creditCard", "ssn"]);
 

Parameters:

fields - an array of field names to redact from JSON content

---

setSensitiveTextPatterns

setSensitiveTextPatterns(patterns : String...) : void

Sets the sensitive text patterns that should be redacted from HTTP request/response bodies.

When HTTP requests or responses contain text content, any text matching the specified regex patterns will be redacted with "****FILTERED****" in the logs.

Example:

 config.setSensitiveTextPatterns(["password", "credit.*card", "\\d{3}-\\d{2}-\\d{4}"]);
 

Parameters:

patterns - an array of regex patterns to match and redact from text content

---

setSensitiveXmlFields

setSensitiveXmlFields(fields : String...) : void

Sets the sensitive XML fields that should be redacted from HTTP request/response bodies.

When HTTP requests or responses contain XML content, any elements or attributes matching the specified names will be redacted with "****FILTERED****" in the logs. Sensitive Field MUST be set else logging will be skipped for XML body type Setting with empty array will use default values ["name", "email", "email_address", "ssn", "first_name", "last_name", "password"]

Example:

 config.setSensitiveXmlFields(["password", "creditCard", "ssn"]);
 

Parameters:

fields - an array of element/attribute names to redact from XML content

---

© Copyright 2000-2025, salesforce.com inc. All rights reserved. Various trademarks held by their respective owners.