| 235 | |
| 236 | impl SecurityProvider for DefaultSecurityProvider { |
| 237 | fn taint_input(&self, text: &str) { |
| 238 | if !self.config.enable_taint_tracking { |
| 239 | return; |
| 240 | } |
| 241 | |
| 242 | let matches = self.detect_sensitive(text); |
| 243 | if !matches.is_empty() { |
| 244 | let mut tainted = self.tainted_data.write().unwrap(); |
| 245 | for (name, value) in matches { |
| 246 | // Hash the value for privacy |
| 247 | let hash = format!("{}:{}", name, sha256::digest(value)); |
| 248 | tainted.insert(hash); |
| 249 | } |
| 250 | } |
| 251 | } |
| 252 | |
| 253 | fn sanitize_output(&self, text: &str) -> String { |
| 254 | if !self.config.enable_output_sanitization { |