Mask your credentials at the Scripting Engine text field

Basic Information (Must Read)

We have created a mechanism to “hide” your credentials on your Scripting Engine to avoid other users seeing these details.

Anywhere in a script where there is a: MASK[[[…]]] , it will be replaced on Save with a MASKED[[[credential_1]]] hiding the stored credentials/other information. The credentials cannot be retrieved or shown by any means.

Syntax : MASK[[[ MY_PASSWORD ]]]

(lightbulb) There are three (3) openings [[[ and three (3) closures ]]] in the syntax.

Parameter Type Description

MY_PASSWORD Number, Character Required. The credential that you want to mask.

💡Web-Widgets: The Masking Mechanism is available in the Custom Web-Widgets as well.

If you want to mask any valuable information or any credentials in your custom Web-Widgets, you can use the above Syntax in your Custom Web-Widget’s Scripting Engine text field too.

Security

  1. There is no way to edit a stored credential of the form MASKED[[[credential_…]]]. ; an error will be reported.
    One has to change it back to MASK[[[YOUR_PASSWORD]]] by re-typing “YOUR_PASSWORD.”
  2. You cannot re-use (copy-paste) a stored credential in the same script or another script.
    ( For example: if there is a MASKED[[[credential_1]]] somewhere in the script, one cannot add another reference to credential_1 further down in the script by entering MASKED[[[credential_1]]]; an error will be reported.
  3. Each credential can be used only once in every script.
  4. Mask the entire script or a specific scripting line.

How to Mask your stored credentials

For my example, I used the script code from the Microsoft Account authentication

Below you can see how the script will be displayed in your Scripting Engine text field:

Unmasked Script

type("""#i0116""", """MY_EMAIL""")
pause(1)
runScript("""
document.querySelector("#i0116").dispatchEvent(new Event("change"))
""")
pause(2)
click("""#idSIButton9""")
pause(2)
type("""#i0118""", """MY_PASSWORD""")
pause(1)
runScript("""
document.querySelector("#i0118").dispatchEvent(new Event("change"))
""")
pause(2)
clickAndWait("""#idSIButton9""")
click("""#KmsiCheckboxField""")
pause(2)
click("""#idSIButton9""")

To Mask my Email and my Password, I have to modify the script as follows:

MY_EMAIL MASK[[[MY_EMAIL]]]
MY_PASSWORD MASK[[[MY_PASSWORD]]]

How the script should be displayed in your Scripting Engine text field after the “Masking” procedure:

Masked Script

type("""#i0116""", """MASK[[[MY_EMAIL]]]""")
pause(1)
runScript("""
document.querySelector("#i0116").dispatchEvent(new Event("change"))
""")
pause(2)
click("""#idSIButton9""")
pause(2)
type("""#i0118""", """MASK[[[MY_PASSWORD]]]""")
puase(1)
runScript("""
document.querySelector("#i0118").dispatchEvent(new Event("change"))
""")
pause(2)
clickAndWait("""#idSIButton9""")
click("""#KmsiCheckboxField""")
pause(2)
click("""#idSIButton9""")

How the script should be displayed in your Scripting Engine text field after you save your web-page:

Masked Script after the Save

type("""#i0116""", """MASKED[[[credential_1]]]""")
pause(1)
runScript("""
document.querySelector("#i0116").dispatchEvent(new Event("change"))
""")
pause(2)
click("""#idSIButton9""")
pause(2)
type("""#i0118""", """MASKED[[[credential_2]]]""")
pause(1)
runScript("""
document.querySelector("#i0118").dispatchEvent(new Event("change"))
""")
pause(2)
clickAndWait("""#idSIButton9""")
click("""#KmsiCheckboxField""")
pause(2)
click("""#idSIButton9""")

hash credentials

How to Mask the entire Script or any scripting line

With this mechanism, you can Mask the entire script so other users won’t see any details regarding your script.

Let’s say that we have the below script code:

type("""#i0116""", """MY_EMAIL""")
pause(1)
type("""#i0118""", """MY_PASSWORD""")
pause(1)
click("""#idSIButton9""")

To Mask the entire script, I have to modify the sample script as follows:

MASK[[[
type("""#i0116""", """MY_EMAIL""")
pause(1)
type("""#i0118""", """MY_PASSWORD""")
pause(1)
click("""#idSIButton9""")
]]]

The Masked Script after Saving the Web-page:

MASKED[[[credential_1]]]

hashed credentials

Wrong Syntax

It is not possible to mask your credentials and then try to mask the entire script.
You will have to choose between masking the entire script or the credentials in it.

The Scripting engine will not accept the below syntax:

(error)
MASK[[[
type(“””#i0116″””, “””MASK[[[MY_EMAIL]]]”””)
pause(1)
type(“””#i0118″””, “””MASK[[[MY_PASSWORD]]]”””)
pause(1)
click(“””#idSIButton9″””)
]]]
(error)