Implement processors/sanitization API #59

Open
dcramer opened this Issue · 10 comments

5 participants

@dcramer
Owner

No description provided.

@defunctzombie

What is this? Could you give some more details or a link to what should be implemented?

@mattrobenolt

@defunctzombie In raven-python, there is logic to check each value if it's sensitive before sending it to Sentry. So say, passwords or CC#s, etc.

@defunctzombie

Ah that type of sanitization. Do you have a link to an example of that logic in the python one? I kinda feel this is outside the scope of this lib but maybe an example will clear that up. This lib should log what you tell it to log.

@mattrobenolt

I disagree. This is a fundamental thing our clients do to prevent accidentally leaking sensitive information.

Effectively this: https://github.com/getsentry/raven-python/blob/master/raven/processors.py

More emphasis on having a way to hook in processors that Raven can run and you could supply your own if you wanted. But the core needs the ability to run a set of processors.

@defunctzombie

Oh I see because some of those can't be sanitized beforehand (especially the stacktrace ones). Is this sanitization code provided by the module or does the end user provide that code you linked? If it is module provided why not just do it in the module?

How do you hook new ones into the python lib? An option when creating the logging client?

@dcramer
Owner

Raven(processors=[...])

@amccausl

Is this being worked on or would a pull request be considered?

@mattrobenolt

Feel free. :) It's not being worked on by anyone that I know of.

@andyuk

Yes please - I'd like this feature. Security should be top priority. Obviously not the case here. Free coffee for first person to issue a pull request for this.

@dcramer
Owner

While not ideal, data still gets scrubbed on the server.

I would -1 our existing processors API as it's kind of shitty, and really what we want to do is just have a set of commands that take the data input and give the data output.
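
Added example, not part of the thread and not code from raven-python or this project: a sketch of the shape discussed above, where each processor is a plain function that takes the event data and returns scrubbed data, and the client runs a list of them before sending. The function names, the key and card-number patterns, and the sample event are assumptions made for illustration.

```python
import re

MASK = "********"
# Assumed patterns for this illustration; tune them to your own data.
SENSITIVE_KEY = re.compile(r"passw(or)?d|secret|api_?key|authorization|token", re.I)
CARD_NUMBER = re.compile(r"\b\d(?:[ -]?\d){12,15}\b")

def _map_leaves(value, fn, sensitive=False):
    """Rebuild a nested dict/list, calling fn(leaf, sensitive) on each leaf.
    `sensitive` is True once any enclosing key matched SENSITIVE_KEY."""
    if isinstance(value, dict):
        return {k: _map_leaves(v, fn, sensitive or bool(SENSITIVE_KEY.search(str(k))))
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [_map_leaves(v, fn, sensitive) for v in value]
    return fn(value, sensitive)

def scrub_sensitive_keys(event):
    """Mask every value stored under a sensitive-looking key."""
    return _map_leaves(event, lambda leaf, sensitive: MASK if sensitive else leaf)

def scrub_card_numbers(event):
    """Mask card-number-like digit runs inside any string value."""
    return _map_leaves(
        event, lambda leaf, _s: CARD_NUMBER.sub(MASK, leaf) if isinstance(leaf, str) else leaf)

def run_processors(event, processors):
    """Pipe the event through each processor; fail closed if one raises."""
    for processor in processors:
        try:
            event = processor(event)
        except Exception:
            # Never fall back to sending the unscrubbed event.
            return {"message": "event dropped: processor failed",
                    "processor": getattr(processor, "__name__", repr(processor))}
    return event

# Constructed sample event (not real Sentry output); the frame variables
# stand in for the stack trace data that cannot be cleaned beforehand.
SAMPLE_EVENT = {
    "message": "payment failed for card 4111 1111 1111 1111",
    "extra": {"username": "alice", "password": "hunter2"},
    "stacktrace": [{"function": "charge", "vars": {"api_key": "k-123", "amount": 42}}],
}

if __name__ == "__main__":
    print(run_processors(SAMPLE_EVENT, [scrub_sensitive_keys, scrub_card_numbers]))
```

The processors return new structures instead of mutating their input, so the application's own copy of the data is left untouched.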
