swirec_sensitive_query_keys
Suppresses logging of confidential values in grammar URI strings.
Value |
The name of a key in a grammar URI. DEFAULT: (empty) |
How to set |
Shown in precedence order (see Rules of parameter precedence): Set in the browser, using the Vendor-Specific-Parameters header in a RECOGNIZE or SET-PARAMS method. In the application's session xml in the <speechrecog> section of <sessionparameters>. In Management Station set on the Nuance recognition service. If not using Management Station, set in a Recognizer configuration file (User-nrsxx.xml). |
Usage |
Occasionally used by grammar developers when passing confidential values to grammar URIs. Setting in the session.xml is the most common technique. |
This parameter protects data in a grammar URI from unauthorized access. By default, the recognizer writes complete grammar URIs to the call log (in the rcst event), including any keys and values in the query string, which often contain sensitive information. This parameter enables you to suppress logging of this information.
As an example, each of the following URIs contains confidential data that needs protection:
http://myserver/securityCode.grxml?SWI_vars.ssnum=123456789
http://myserver/birthdate.grxml?SWI_vars.bdate=01301960
http://myserver/password.grxml?sessionID=45678
Browsers set this parameter using Vendor-Specific-Parameters:
Vendor-Specific-Parameters: swirec_sensitive_query_keys="SWI_vars.ssnum SWI_vars.bdate sessionID"
In response, the call log contains URI values like these:
http://myserver/ssnum.grxml?SWI_vars.ssnum=_suppressed
http://myserver/ssnum.grxml?SWI_vars.bdate=_suppressed
http://myserver/ssnum.grxml?sessionID=_suppressed
For details on SWI_vars variables, see Special SWI_ keys.
Related parameter