Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SANITIZE_FIELD_NAMES and http-headers Filter #1924

Closed
astorm opened this issue Dec 17, 2020 · 1 comment
Closed

SANITIZE_FIELD_NAMES and http-headers Filter #1924

astorm opened this issue Dec 17, 2020 · 1 comment
Labels
agent-nodejs Make available for APM Agents project planning.
Milestone
next-major

Comments

@astorm
Copy link
Contributor

astorm commented Dec 17, 2020
edited by trentm
Loading

The next major release should include the following refinements to the SANITIZE_FIELD_NAMES and http-filtering in order to bring us into full complicated with the spec.

Specifically, this includes

  1. Remove ['pw','pass','connect.sid'] from the SANITIZE_FIELD_NAMES defaults
    (Update: Decision 2023-07-25 to NOT do this. Do not want a compat breakage to drop these.)
  2. Conform to the java agent behavior of capturing cookies in transaction.context.request.cookies and blanking out transaction.context.request.headers.cookies. (Update: this was implemented recently in Send cookies explicitly into context.request's transaction #3322)
  3. Redact/sanitize transaction.context.request.cookies per spec (Done. See Send cookies explicitly into context.request's transaction #3322)
  4. Remove the individual redacting of the set-cookie http header and values (Done. See Send cookies explicitly into context.request's transaction #3322)
  5. Consider either removing the http-headers filter entirely or moving all SANITIZE_FIELD_NAMES logic into this filter. (Done. See Send cookies explicitly into context.request's transaction #3322)
@astorm astorm added this to the next-major milestone Dec 17, 2020
@github-actions github-actions bot added the agent-nodejs Make available for APM Agents project planning. label Dec 17, 2020
@astorm astorm mentioned this issue Dec 17, 2020
Merged
9 tasks
@trentm
Copy link
Member

trentm commented Jul 25, 2023

See the "Update" and "Done" notes above.

@trentm trentm closed this as completed Jul 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
agent-nodejs Make available for APM Agents project planning.
Projects
None yet
Milestone
next-major
Development

No branches or pull requests
2 participants
@trentm @astorm