be681bf to 4a3d177
Move the recursive map/list scrubbing logic and default sensitive parameter keys out of Sentry.PlugContext and into a new framework-agnostic Sentry.Scrubber module so it can be reused by other parts of the SDK (for example, Sentry.LiveViewHook). PlugContext now delegates to Sentry.Scrubber.scrub_map/1 from default_body_scrubber/1. No behavior change.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The Sentry data collection spec requires that key/header **names** are always preserved while only **values** for sensitive keys are replaced with the placeholder. The previous default_header_scrubber dropped the 'authorization', 'authentication', and 'cookie' headers entirely, hiding from operators the fact that those headers were even present. Now header names are kept and only their values are scrubbed via Sentry.Scrubber.scrub_map/2 using the spec denylist plus 'cookie'.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Per the Sentry data collection spec, key names must be preserved and only values may be replaced. The previous default_cookie_scrubber returned an empty map, hiding which cookies were present on the request. The new default keeps cookie names and replaces every value with '[Filtered]', giving operators visibility while still preventing session leaks.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The query_string field of the request interface was sent verbatim, even when callers had configured a url_scrubber. This bypassed the scrubber for the query portion and could leak tokens, passwords, and session ids passed via the URL. Add default_query_string_scrubber/1 which parses the query, redacts values whose keys match the Sentry.Scrubber denylist, and re-encodes. The empty query string short-circuits to avoid an unnecessary parse.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
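The query-string scrubbing described in the last commit message above (parse, redact values for denylisted keys while keeping the key names, re-encode, short-circuit on empty), as an added example that is not the PR's or the SDK's code. The module name, the denylist entries, the substring matching and the fail-closed fallback on malformed input are assumptions of this example.

```elixir
defmodule QueryScrubExample do
  # Hypothetical denylist for this example; the SDK's real list is not shown on this page.
  @denylist ~w(password passwd secret token api_key session)
  # Placeholder value named in the commit messages.
  @placeholder "[Filtered]"

  # Empty query string: nothing to parse, return as-is.
  def scrub_query_string(""), do: ""

  def scrub_query_string(query) when is_binary(query) do
    query
    # Lazily yields {key, value} pairs; keeps order and repeated keys.
    |> URI.query_decoder()
    |> Enum.map(&scrub_pair/1)
    |> URI.encode_query()
  rescue
    # Malformed percent-encoding cannot be parsed, so the raw string
    # cannot be inspected. Assumption of this example: fail closed
    # rather than pass the unparsed query through.
    ArgumentError -> @placeholder
  end

  # Key names are always preserved; only the value is replaced.
  defp scrub_pair({key, value}) do
    if sensitive?(key), do: {key, @placeholder}, else: {key, value}
  end

  # Assumption: case-insensitive substring match, so "access_token"
  # and "Session_ID" are both caught by the entries above.
  defp sensitive?(key) do
    lowered = String.downcase(key)
    Enum.any?(@denylist, &String.contains?(lowered, &1))
  end
end

# Constructed sample inputs (not taken from the PR).
for query <- [
      "page=2&access_token=abc123&q=elixir",
      "Session_ID=deadbeef&Session_ID=cafe",
      "q=%zz&password=hunter2",
      ""
    ] do
  IO.inspect(QueryScrubExample.scrub_query_string(query), label: inspect(query))
end
```

The placeholder is percent-encoded on re-encoding, so a consumer sees `%5BFiltered%5D` in the raw query string and `[Filtered]` after decoding.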
4a3d177 to db22943
TBD