[Tracing] Add URI query parameter sanitization #35372
Labels
Azure.Core
Client
This issue points to a problem in the data-plane of the library.
needs-team-attention
This issue needs attention from Azure service team or SDK team
By default, the
url.full
HTTP span attribute contains no sanitization. We should change the default to sanitize all query parameters that do not fall into some allow list.Example:
https://server:port/path/a/b/c?foo=REDACTED&bar=REDACTED&api-version=1.2.34
This "allow list" for query parameters should also be configurable by users. The HttpLoggingPolicy does have a
allowed_query_params
field, but this does not appear to be getting any use. Something similar could be employed to allow user customization.The text was updated successfully, but these errors were encountered: