expect(body.error.details.secrets_detected).toContain("OPENSSH_PRIVATE_KEY");
// Check headers
- expect(res.headers.get("X-LLM-Shield-Secrets-Detected")).toBe("true");
- expect(res.headers.get("X-LLM-Shield-Secrets-Types")).toContain("OPENSSH_PRIVATE_KEY");
+ expect(res.headers.get("X-PasteGuard-Secrets-Detected")).toBe("true");
+ expect(res.headers.get("X-PasteGuard-Secrets-Types")).toContain("OPENSSH_PRIVATE_KEY");
});
test("blocks request with PEM private key", async () => {
error: { details: { secrets_detected: string[] } };
};
expect(body.error.details.secrets_detected).toContain("PEM_PRIVATE_KEY");
- expect(res.headers.get("X-LLM-Shield-Secrets-Detected")).toBe("true");
+ expect(res.headers.get("X-PasteGuard-Secrets-Detected")).toBe("true");
});
test("allows request without secrets", async () => {
// Should not be blocked (may fail for other reasons like missing auth, but not 422)
expect(res.status).not.toBe(422);
// Should not have secrets detection headers
- expect(res.headers.get("X-LLM-Shield-Secrets-Detected")).toBeNull();
+ expect(res.headers.get("X-PasteGuard-Secrets-Detected")).toBeNull();
});
test("does not set secrets headers when no secrets detected", async () => {
});
// Should not have secrets headers
- expect(res.headers.get("X-LLM-Shield-Secrets-Detected")).toBeNull();
- expect(res.headers.get("X-LLM-Shield-Secrets-Types")).toBeNull();
+ expect(res.headers.get("X-PasteGuard-Secrets-Detected")).toBeNull();
+ expect(res.headers.get("X-PasteGuard-Secrets-Types")).toBeNull();
});
});
const secretTypesStr = secretTypes.join(", ");
// Set headers before returning error
- c.header("X-LLM-Shield-Secrets-Detected", "true");
- c.header("X-LLM-Shield-Secrets-Types", secretTypesStr);
+ c.header("X-PasteGuard-Secrets-Detected", "true");
+ c.header("X-PasteGuard-Secrets-Types", secretTypesStr);
// Block action (Phase 1) - return 422 error
if (config.secrets_detection.action === "block") {
}
}
- setShieldHeaders(c, decision, secretsDetected, secretsTypes);
+ setPasteGuardHeaders(c, decision, secretsDetected, secretsTypes);
if (result.isStreaming) {
return handleStreamingResponse(
}
/**
- * Set X-LLM-Shield response headers
+ * Set X-PasteGuard response headers
*/
-function setShieldHeaders(
+function setPasteGuardHeaders(
c: Context,
decision: RoutingDecision,
secretsDetected?: boolean,
secretsTypes?: string[],
) {
- c.header("X-LLM-Shield-Mode", decision.mode);
- c.header("X-LLM-Shield-Provider", decision.provider);
- c.header("X-LLM-Shield-PII-Detected", decision.piiResult.hasPII.toString());
- c.header("X-LLM-Shield-Language", decision.piiResult.language);
+ c.header("X-PasteGuard-Mode", decision.mode);
+ c.header("X-PasteGuard-Provider", decision.provider);
+ c.header("X-PasteGuard-PII-Detected", decision.piiResult.hasPII.toString());
+ c.header("X-PasteGuard-Language", decision.piiResult.language);
if (decision.piiResult.languageFallback) {
- c.header("X-LLM-Shield-Language-Fallback", "true");
+ c.header("X-PasteGuard-Language-Fallback", "true");
}
if (decision.mode === "mask") {
- c.header("X-LLM-Shield-PII-Masked", decision.piiResult.hasPII.toString());
+ c.header("X-PasteGuard-PII-Masked", decision.piiResult.hasPII.toString());
}
if (secretsDetected && secretsTypes) {
- c.header("X-LLM-Shield-Secrets-Detected", "true");
- c.header("X-LLM-Shield-Secrets-Types", secretsTypes.join(","));
+ c.header("X-PasteGuard-Secrets-Detected", "true");
+ c.header("X-PasteGuard-Secrets-Types", secretsTypes.join(","));
}
}
git.99rst.org / sgasser-llm-shield.git / commitdiff