Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sanitize sensitive data from URLs sent to Sentry #2365

Closed
Tracked by #70
adinauer opened this issue Nov 15, 2022 · 0 comments · Fixed by #2366
Closed
Tracked by #70

Sanitize sensitive data from URLs sent to Sentry #2365

adinauer opened this issue Nov 15, 2022 · 0 comments · Fixed by #2366
Assignees
@adinauer
Labels
Platform: Android Platform: Java

Comments

@adinauer
Copy link
Member

adinauer commented Nov 15, 2022
edited by antonpirker
Loading

Description

Java SDK should also change the way URLs are added to prevent sensitive data from being sent to Sentry.

Taken from getsentry/sentry-python#1742 :

When we do HTTP requests to third party services we create a breadcrumb with the URL and also create a span that has the URL as a description (and also breadcrumbs including this URL are created.)

We created RFC-0038 to decide how to improve the current situation and creating a spec here: getsentry/develop#773

Make sure that all integrations that record outgoing or incoming HTTP request structure the data like described in the spec linked above.
@adinauer adinauer moved this to Needs Discussion in Mobile & Cross Platform SDK Nov 15, 2022
@adinauer adinauer self-assigned this Nov 15, 2022
@adinauer adinauer mentioned this issue Nov 15, 2022
Merged
4 tasks
@philipphofmann philipphofmann changed the title Remove sensitive data from URLs in HTTP integrations. Sanitize sensitive data from URLs sent to Sentry Nov 15, 2022
@antonpirker antonpirker mentioned this issue Nov 16, 2022
Closed
9 tasks
@marandaneto marandaneto mentioned this issue Nov 17, 2022
Closed
@markushi markushi moved this from Needs Discussion to Blocked in Mobile & Cross Platform SDK Nov 17, 2022
@markushi markushi moved this from Blocked to Backlog in Mobile & Cross Platform SDK Dec 7, 2022
@github-project-automation github-project-automation bot moved this from Backlog to Done in Mobile & Cross Platform SDK Jan 30, 2023
@denrase denrase mentioned this issue Mar 14, 2023
Merged
6 tasks
@kahest kahest mentioned this issue Apr 21, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@adinauer adinauer

Labels
Platform: Android Platform: Java
Projects
Mobile & Cross Platform SDK
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove authority from URLs sent to Sentry getsentry/sentry-java
2 participants
@markushi @adinauer