Page tree
Skip to end of metadata
Go to start of metadata

Basic Information (Must Read)

We have created a mechanism to "hide" your credentials on your Scripting Engine to avoid other users seeing these details.

Anywhere in a script where there is a: MASK[[[...]]], it will be replaced on Save with a MASKED[[[credential_1]]] hiding the stored credentials/other information. The credentials cannot be retrieved or shown by any means.

Syntax: MASK[[[MY_PASSWORD]]] 

(lightbulb)There are three (3) openings [[[ and three (3) closures ]]] in the syntax.

ParameterTypeDescription
MY_PASSWORDNumber, CharacterRequired. The credential that you want to mask.

Web-Widgets

The Masking Mechanism is available in the Custom Web-Widgets as well.

If you want to mask any valuable information or any credentials in your custom Web-Widgets, you can use the above Syntax in your Custom Web-Widget's Scripting Engine text field too.

Security

  1. There is no way to edit a stored credential of the form MASKED[[[credential_...]]].; an error will be reported.
    O
    ne has to change it back to MASK[[[YOUR_PASSWORD]]] by re-typing “YOUR_PASSWORD.”

  2. You cannot re-use (copy-paste) a stored credential in the same script or another script. 
    (For example: if there is a MASKED[[[credential_1]]] somewhere in the script, one cannot add another reference to credential_1 further down in the script by entering MASKED[[[credential_1]]]; an error will be reported.

  3. Each credential can be used only once in every script.

  4. Mask the entire script or a specific scripting line.

How to Mask your stored credentials

For my example, I used the script code from the Microsoft Account authentication.

Below you can see how the script will be displayed in your Scripting Engine text field:

Unmasked Script
type("""#i0116""", """MY_EMAIL""")
runScript("""
document.querySelector("#i0116").dispatchEvent(new Event("change"))
""")
pause(2)
click("""#idSIButton9""")
pause(2)
type("""#i0118""", """MY_PASSWORD""")
runScript("""
document.querySelector("#i0118").dispatchEvent(new Event("change"))
""")
pause(2)
clickAndWait("""#idSIButton9""")
click("""#KmsiCheckboxField""")
pause(2)
click("""#idSIButton9""")


To Mask my Email and my Password, I have to modify the script as follows:

Before MaskingAfter Masking
MY_EMAILMASK[[[MY_EMAIL]]]
MY_PASSWORDMASK[[[MY_PASSWORD]]]


 How the script should be displayed in your Scripting Engine text field after the "Masking" procedure:

Masked Script
type("""#i0116""", """MASK[[[MY_EMAIL]]]""")
runScript("""
document.querySelector("#i0116").dispatchEvent(new Event("change"))
""")
pause(2)
click("""#idSIButton9""")
pause(2)
type("""#i0118""", """MASK[[[MY_PASSWORD]]]""")
runScript("""
document.querySelector("#i0118").dispatchEvent(new Event("change"))
""")
pause(2)
clickAndWait("""#idSIButton9""")
click("""#KmsiCheckboxField""")
pause(2)
click("""#idSIButton9""")


How the script should be displayed in your Scripting Engine text field after you save your web-page:

Masked Script after the Save
type("""#i0116""", """MASKED[[[credential_1]]]""")
runScript("""
document.querySelector("#i0116").dispatchEvent(new Event("change"))
""")
pause(2)
click("""#idSIButton9""")
pause(2)
type("""#i0118""", """MASKED[[[credential_2]]]""")
runScript("""
document.querySelector("#i0118").dispatchEvent(new Event("change"))
""")
pause(2)
clickAndWait("""#idSIButton9""")
click("""#KmsiCheckboxField""")
pause(2)
click("""#idSIButton9""")


hash credentials

How to Mask the entire Script or any scripting line

With this mechanism, you can Mask the entire script so other users won't see any details regarding your script.

Let's say that we have the below script code:

type("""#i0116""", """MY_EMAIL""")
pause(1)
type("""#i0118""", """MY_PASSWORD""")
pause(1)
click("""#idSIButton9""")


To Mask the entire script, I have to modify the sample script as follows:

MASK[[[
type("""#i0116""", """MY_EMAIL""")
pause(1)
type("""#i0118""", """MY_PASSWORD""")
pause(1)
click("""#idSIButton9""")
]]]


The Masked Script after Saving the Web-page:

MASKED[[[credential_1]]]


hashed credentials


Wrong Syntax

It is not possible to mask your credentials and then try to mask the entire script.
You will have to choose between masking the entire script or the credentials in it.

The Scripting engine will not accept the below syntax:

(error)
MASK[[[
type("""#i0116""", """MASK[[[MY_EMAIL]]]""")
pause(1)
type("""#i0118""", """MASK[[[MY_PASSWORD]]]""")
pause(1)
click("""#idSIButton9""")
]]]
(error)

  • No labels