Capture environment variables 💯🎉

src/Pidget.AspNet/RequestDataProvider.cs

@@ -23,6 +23,7 @@ public RequestData GetRequestData(HttpRequest request)
                 Cookies = GetCookies(request),
                 Headers = GetHeaders(request),
                 QueryString = GetQueryString(request),
+                Environment = GetEnvironmentVariables()
             };
 
         public string GetUrl(HttpRequest request)
@@ -57,6 +58,9 @@ public IDictionary<string, string> GetForm(HttpRequest request)
                 ? _sanitizer.SanitizeForm(request)
                 : null;
 
+        public IDictionary<string, string> GetEnvironmentVariables()
+            => _sanitizer.GetSanitizedEnvironmentVairables();
+
         private bool IsUrlEncodedForm(string contentType)
             => contentType != null && contentType.Equals(
                 value: "application/x-www-form-urlencoded",

src/Pidget.AspNet/Sanitizing/RequestSanitizer.cs

@@ -30,6 +30,15 @@ public IDictionary<string, string> SanitizeCookies(HttpRequest request)
         public IDictionary<string, string> SanitizeQuery(HttpRequest request)
             => request.Query.ToDictionary(k => k.Key, SanitizeHeaderValue);
 
+        public IDictionary<string, string> GetSanitizedEnvironmentVairables()
+        {
+            var envVars = Environment.GetEnvironmentVariables();
+
+            return envVars.Keys.Cast<string>()
+                .ToDictionary(k => k, k
+                    => SanitizeValue(k, (string)envVars[k]));
+        }
+
         private string SanitizeCookieValue(
             KeyValuePair<string, string> kvp)
             => IsAuth(kvp.Key) || IsSession(kvp.Key)

test/Pidget.AspNet.Test/RequestDataProviderTests.cs

@@ -190,6 +190,17 @@ public void NullForm_ReturnsNull()
             Assert.Null(form);
         }
 
+        [Theory, InlineData("ASPNET_ENVIRONMENT", "Development")]
+        public void SetsEnvironmentVariables(string name, string value)
+        {
+            Environment.SetEnvironmentVariable(name, value);
+
+            var envVars = RequestData.GetEnvironmentVariables();
+
+            Assert.Contains(name, envVars.Keys);
+            Assert.Contains(value, envVars.Values);
+        }
+
         public void GetData()
         {
             var requestMock = new Mock<HttpRequest>();
@@ -229,6 +240,8 @@ public void GetData()
                     PairsToDictionary(new[] { "foo=bar" }, s => new StringValues(s))))
                 .Verifiable();
 
+            Environment.SetEnvironmentVariable("foo", "bar");
+
             var request = RequestData.GetRequestData(requestMock.Object);
 
             requestMock.Verify();
@@ -239,6 +252,8 @@ public void GetData()
             Assert.NotNull(request.Headers);
             Assert.NotNull(request.Cookies);
             Assert.NotNull(request.Data);
+            Assert.True(request.Environment
+                .Contains(new KeyValuePair<string, string>("foo", "bar")));
         }
 
         private static Dictionary<string, TValue> PairsToDictionary<TValue>(

test/Pidget.AspNet.Test/RequestSanitizerTests.cs

@@ -119,5 +119,19 @@ public void GetQuery_ReturnsProvidedQuery(string query, string expectedQuery)
             Assert.Equal(expectedQuery,
                 actual: QueryString.Create(sanitizedParams).ToUriComponent());
         }
+
+        [Theory, InlineData("password", "foo", "OMITTED")]
+        public void SanitizesEnvironmentVariables(string name,
+            string value,
+            string expectedValue)
+        {
+            Environment.SetEnvironmentVariable(name, value);
+
+            var sanitizedParams = RequestSanitizer.Default
+                .GetSanitizedEnvironmentVairables();
+
+            Assert.Equal(expectedValue,
+                actual: sanitizedParams[name]);
+        }
     }
 }