Ask the Community
Hide sensitive test data
Learn how to prevent sensitive test data from appearing in the logs of Appium tests in BrowserStack App Automate.
If you are using the older dashboard, refer to the old dashboard documentation.
To execute some test scenarios, you use commands that send or retrieve data like email ID, cookies, credentials, etc. to or from remote devices. In App Automate, this data may appear in session logs, text, video, screenshots, and Appium logs.
This guide shows you how to prevent this data from appearing in the session logs by:
-
Masking values in text and raw session logs.
-
Disabling specific logs - video and visual logs.
Masking sensitive data in text and raw logs
If you are using BrowserStack SDK, you can set the following capabilities in the browserstack.yml file:
| Capability | Value |
|---|---|
|
browserstack.maskCommands Use this capability to mask the data sent or retrieved by certain commands. You can specify commands for full masking or use a regex for partial, granular masking. Note: You can pass multiple commands in a single array, separated by commas. |
Default: Empty array screenshot Masks the output of the screenshot command. setValues All the text sent via sendKeys command will be redacted.getValues All the text retrieved via get command will be redacted.setCookies All the cookies which are set by the addCookie command will be redacted. getCookies All the cookie values obtained using the getCookies and getCookieNamed command will be redacted. |
Example
The following sample shows how to configure your Appium tests using maskCommands capability:
This will replace all keystrokes and other values with REDACTED in your App Automate session logs (text and raw).
Using BrowserStack’s maskCommands capability, you can also mask the output of the screenshot command instead of uploading the image. Here is an example to do this:
Mask with regular expressions
The enhanced browserstack.maskCommands capability allows you to mask only specific portions of sensitive data by defining regular expressions (regex). This is ideal when you need to hide credentials without redacting all information passed via commands like sendKeys.
This feature supports setValues, getValues, setCookies, and getCookies commands. Masking applies to Appium logs and Text logs.
Capability format (array of JSON objects)
To enable granular masking, pass an array of JSON objects to the capability. If you omit the regex value, the platform applies full masking for that command.
| Key | Description |
|---|---|
| cmd | The Appium command to target: setValues, getValues, setCookies, or getCookies. |
| regex | (Optional) A regular expression used to match the text to redact. If the regex is omitted, all all data for that command is masked. |
The platform attempts to match the provided regex pattern against the value passed to the command. Define patterns that capture the sensitive string or substring within the data. For example, user.* will match any value containing the string “user” followed by any characters.
Example
| Command/Action | Resulting Masking Behavior |
|---|---|
Text sent via setValues containing the substring ‘user’ |
Masked (e.g., sendKeys("username") or sendKeys("myuseraccount") are both masked). |
All values retrieved via getValues
|
Masked (since the regex key was omitted). |
Cookies set via setCookies containing ‘sample’ or ‘test’ |
Masked. |
Any info as a part of getCookies
|
Not masked, as the command was not included in the capability list. |
Disable specific logs
Apart from text and raw session logs, BrowserStack App Automate also has video and visual logs.
To prevent sensitive information from appearing in these logs, you’ll need to disable them individually.
Disabling video logs
By default, video logs are enabled for all App Automate sessions. Use the following capability to disable it.
| Capability | Value |
|---|---|
|
video Use this capability to enable or disable video log of your App Automate test. |
true, false Default: true
|
The sample below shows how to use video capability to disable video recording in your test:
Disabling visual logs (screenshots)
BrowserStack provides a visual log for App Automate sessions. These are screenshots generated at different steps in your test script.
To prevent sensitive information from getting captured in these screenshots, make sure that visual logs are disabled. If not, set the debug capability to false.
| Capability | Value |
|---|---|
|
debug Use this capability to enable or disable visual log in your App Automate session. |
true, false Default: false
|
The sample below shows how to use debug capability to disable visual log in your test:
Hide sensitive data in Appium logs
You can now use the maskCommands capability for an added layer of security, providing more robust masking directly within the appiumLogs
Appium versions 2.15.0 and 2.18.0 automatically enable this enhanced protection for both iOS and Android. Set the Appium version in your capabilities to activate it.
Example
This masks the element/send_keys command data in text logs, videos, and screenshots.
{
'browserstack.maskCommands' => 'setValues'
}
Disabling the Appium logs
For every App Automate session, you get Appium logs by default.
You can disable Appium logs by using the following capabilities:
| Capability | Value |
|---|---|
|
appiumLogs Use this capability to disable appium logs for your tests. |
true, false Default: true
|
The sample below shows how to disable appiumLogs and capabilities for your test:
BrowserStack SDK is a plug-n-play solution that takes care of all the integration steps for you. Using the BrowserStack SDK is the recommended integration method for your project. To know more, visit the SDK core concepts page .
BrowserStack’s maskCommands capability hides data that you send to or retrieve from the remote browsers through the following commands:
| Capability | Value |
|---|---|
|
browserstack.maskCommands Use this capability to mask the data sent or retrieved by certain commands. You can specify commands for full masking or use a regex for partial, granular masking. Note: You can pass multiple commands in a single array, separated by commas. |
Default: Empty array screenshot Masks the output of the screenshot command. setValues All the text sent via sendKeys command will be redacted.getValues All the text retrieved via get command will be redacted.setCookies All the cookies which are set by the addCookie command will be redacted. getCookies All the cookie values obtained using the getCookies and getCookieNamed command will be redacted. |
Example
The following sample shows how to configure your Appium tests using maskCommands capability:
DesiredCapabilities capabilities = new DesiredCapabilities();
HashMap<String, Object> browserstackOptions = new HashMap<String, Object>();
browserstackOptions.put("maskCommands", "setValues, getValues, setCookies, getCookies");
capabilities.setCapability("bstack:options", browserstackOptions);
var capabilities = {
'bstack:options' : {
"maskCommands" : 'setValues, getValues, setCookies, getCookies'
}
}
Dictionary<string, object> browserstackOptions = new Dictionary<string, object>();
browserstackOptions.Add("maskCommands", "setValues, getValues, setCookies, getCookies");
capabilities.AddAdditionalOption("bstack:options", browserstackOptions);
$caps = array(
'bstack:options' => array(
"maskCommands" => "setValues, getValues, setCookies, getCookies",
)
)
desired_cap = {
'bstack:options' : {
"maskCommands" : "setValues, getValues, setCookies, getCookies",
}
}
capabilities = {
'bstack:options' => {
"maskCommands" => "setValues, getValues, setCookies, getCookies",
}
}
This will replace all keystrokes and other values with REDACTED in your App Automate session logs (text and raw).
Using BrowserStack’s maskCommands capability, you can also mask the output of the screenshot command instead of uploading the image. Here is an example to do this:
DesiredCapabilities capabilities = new DesiredCapabilities();
HashMap<String, Object> browserstackOptions = new HashMap<String, Object>();
browserstackOptions.put("maskCommands", "screenshot, setValues, getValues, setCookies, getCookies");
capabilities.setCapability("bstack:options", browserstackOptions);
var capabilities = {
'bstack:options' : {
"maskCommands" : 'screenshot, setValues, getValues, setCookies, getCookies'
}
}
Dictionary<string, object> browserstackOptions = new Dictionary<string, object>();
browserstackOptions.Add("maskCommands", "screenshot, setValues, getValues, setCookies, getCookies");
capabilities.AddAdditionalOption("bstack:options", browserstackOptions);
$caps = array(
'bstack:options' => array(
"maskCommands" => "screenshot, setValues, getValues, setCookies, getCookies",
)
)
desired_cap = {
'bstack:options' : {
"maskCommands" : "screenshot, setValues, getValues, setCookies, getCookies",
}
}
capabilities = {
'bstack:options' => {
"maskCommands" => "screenshot, setValues, getValues, setCookies, getCookies",
}
}
It is recommended that you disable the Appium logs since the maskCommands capability masks only the sensitive data from Text & Raw Logs. The sensitive information from Appium Logs remains unmasked.
BrowserStack’s maskCommands capability hides data that you send to or retrieve from the remote browsers through the following commands:
| Capability | Value |
|---|---|
|
browserstack.maskCommands Use this capability to mask the data sent or retrieved by certain commands. You can specify commands for full masking or use a regex for partial, granular masking. Note: You can pass multiple commands in a single array, separated by commas. |
Default: Empty array screenshot Masks the output of the screenshot command. setValues All the text sent via sendKeys command will be redacted.getValues All the text retrieved via get command will be redacted.setCookies All the cookies which are set by the addCookie command will be redacted. getCookies All the cookie values obtained using the getCookies and getCookieNamed command will be redacted. |
Example
The following sample shows how to configure your Appium tests using browserstack.maskCommands capability:
caps.setCapability("browserstack.maskCommands", "setValues, getValues, setCookies, getCookies");
capabilities['browserstack.maskCommands'] = 'setValues, getValues, setCookies, getCookies'
caps.SetCapability("browserstack.maskCommands", "setValues, getValues, setCookies, getCookies");
$caps["browserstack.maskCommands"] = "setValues, getValues, setCookies, getCookies";
caps["browserstack.maskCommands"] = "setValues, getValues, setCookies, getCookies"
caps["browserstack.maskCommands"] = "setValues, getValues, setCookies, getCookies"
This will replace all keystrokes and other values with REDACTED in your App Automate session logs (text and raw).
Using BrowserStack’s maskCommands capability, you can also mask the output of the screenshot command instead of uploading the image. Here is an example to do this:
caps.setCapability("browserstack.maskCommands", "screenshot, setValues, getValues, setCookies, getCookies");
capabilities['browserstack.maskCommands'] = 'screenshot, setValues, getValues, setCookies, getCookies'
caps.SetCapability("browserstack.maskCommands", "screenshot, setValues, getValues, setCookies, getCookies");
$caps["browserstack.maskCommands"] = "screenshot, setValues, getValues, setCookies, getCookies";
caps["browserstack.maskCommands"] = "screenshot, setValues, getValues, setCookies, getCookies"
caps["browserstack.maskCommands"] = "screenshot, setValues, getValues, setCookies, getCookies"
It is recommended that you disable the Appium logs since the browserstack.maskCommands capability masks only the sensitive data from Text & Raw Logs. The sensitive information from Appium Logs remains unmasked.
Disable specific logs
Apart from text and raw session logs, BrowserStack App Automate also has videos, visuals, and the standard Appium logs. These logs can not be masked.
To prevent sensitive information from appearing in these logs, you’ll need to disable them individually.
Disabling video logs
By default, video logs are enabled for all App Automate sessions. Use the following capability to disable it.
| Capability | Value |
|---|---|
|
video Use this capability to enable or disable video log of your Automate test. |
true, false Default: true
|
The sample below shows how to use video capability to disable video recording in your test:
DesiredCapabilities capabilities = new DesiredCapabilities();
HashMap<String, Object> browserstackOptions = new HashMap<String, Object>();
browserstackOptions.put("video", "false");
capabilities.setCapability("bstack:options", browserstackOptions);
var capabilities = {
'bstack:options' : {
"video" : "false",
}
}
Dictionary<string, object> browserstackOptions = new Dictionary<string, object>();
browserstackOptions.Add("video", "false");
capabilities.AddAdditionalOption("bstack:options", browserstackOptions);
$caps = array(
'bstack:options' => array(
"video" => "false"
)
);
desired_cap = {
'bstack:options' : {
"video" : "false",
}
}
capabilities = {
'bstack:options' => {
"video" => "false",
}
}
By default, video logs are enabled for all App Automate sessions. Use the following capability to disable it.
| Capability | Value |
|---|---|
|
browserstack.video Use this capability to enable or disable video log of your Automate test. |
true, false Default: true
|
The sample below shows how to use browserstack.video capability to disable video recording in your test:
caps.setCapability("browserstack.video", "false");
var capabilities = {
'browserstack.video' : 'false'
}
caps.SetCapability("browserstack.video", "false");
$caps["browserstack.video"] = "false";
caps["browserstack.video"] = "false"
caps["browserstack.video"] = "false"
Disabling visual logs (screenshots)
BrowserStack provides a visual log for App Automate sessions. These are screenshots generated at different steps in your test script.
To prevent sensitive information from getting captured in these screenshots, make sure that visual logs are disabled. If not, set the debug capability to false.
| Capability | Value |
|---|---|
|
debug Use this capability to enable or disable visual log in your App Automate session. |
true, false Default: false
|
The sample below shows how to use debug capability to disable visual log in your test:
DesiredCapabilities capabilities = new DesiredCapabilities();
HashMap<String, Object> browserstackOptions = new HashMap<String, Object>();
browserstackOptions.put("debug", "false");
capabilities.setCapability("bstack:options", browserstackOptions);
var capabilities = {
'bstack:options' : {
"debug" : "false",
}
}
Dictionary<string, object> browserstackOptions = new Dictionary<string, object>();
browserstackOptions.Add("debug", "false");
capabilities.AddAdditionalOption("bstack:options", browserstackOptions);
$caps = array(
'bstack:options' => array(
"debug" => "false",
)
)
desired_cap = {
'bstack:options' : {
"debug" : "false"
}
}
capabilities = {
'bstack:options' => {
"debug" => "false",
}
}
BrowserStack provides a visual log for App Automate sessions. These are screenshots generated at different steps in your test script.
To prevent sensitive information from getting captured in these screenshots, make sure that visual logs are disabled. If not, set the browserstack.debug capability to false.
| Capability | Value |
|---|---|
|
browserstack.debug Use this capability to enable or disable visual log in your App Automate session. |
true, false Default: false
|
The sample below shows how to use browserstack.debug capability to disable visual log in your test:
caps.setCapability("browserstack.debug", "false");
var capabilities = {
'browserstack.debug' : 'false'
}
caps.SetCapability("browserstack.debug", "false");
$caps["browserstack.debug"] = "false";
caps["browserstack.debug"] = "false"
caps["browserstack.debug"] = "false"
Disabling the Appium logs
For every App Automate session, you get Appium logs by default. However, these logs can not be masked.
You can disable Appium logs by using the following capabilities:
| Capability | Value |
|---|---|
|
appiumLogs Use this capability to disable appium logs for your tests. |
true, false Default: true
|
The sample below shows how to disable appiumLogs capabilities for your test:
DesiredCapabilities capabilities = new DesiredCapabilities();
HashMap<String, Object> browserstackOptions = new HashMap<String, Object>();
browserstackOptions.put("appiumLogs", "false");
capabilities.setCapability("bstack:options", browserstackOptions);
var capabilities = {
'bstack:options' : {
"appiumLogs": "false",
}
}
Dictionary<string, object> browserstackOptions = new Dictionary<string, object>();
browserstackOptions.Add("appiumLogs", "false");
capabilities.AddAdditionalOption("bstack:options", browserstackOptions);
$caps = array(
'bstack:options' => array(
"appiumLogs" => "false",
)
)
desired_cap = {
'bstack:options' : {
"appiumLogs": "false",
}
}
capabilities = {
'bstack:options' => {
"appiumLogs" => "false",
}
}
For every App Automate session, you get Appium logs by default. However, these logs can not be masked. You can disable Appium logs by using the following capabilities:
| Capability | Value |
|---|---|
|
browserstack.appiumLogs Use this capability to disable appium logs for your tests. |
true, false Default: true
|
The sample below shows how to disable browserstack.appiumLogs capabilities for your test:
caps.setCapability("browserstack.appiumLogs", "false");
capabilities['browserstack.appiumLogs'] = 'false';
caps.SetCapability("browserstack.appiumLogs", "false");
$caps["browserstack.appiumLogs"] = "false";
caps["browserstack.appiumLogs"] = "false"
caps["browserstack.appiumLogs"] = "false"
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
Thank you for your valuable feedback!