Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Enforce masking of credit card fields #166

Merged
merged 3 commits into from
Feb 1, 2024
Merged

feat: Enforce masking of credit card fields #166

merged 3 commits into from
Feb 1, 2024

Conversation

mydea
Copy link
Member

@mydea mydea commented Feb 1, 2024

This is on top of #165, actually fixing the behavior so that certain fields cannot be unmasked.

This is a pretty straightforward fix, a bit "hacky" but should work well enough.

Fixes getsentry/sentry-javascript#10258

@mydea mydea self-assigned this Feb 1, 2024
@mydea mydea requested review from billyvg and c298lee February 1, 2024 15:46
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 1, 2024
edited

size-limit report 📦

Path Size
rrweb - record only (gzipped) 16.75 KB (+0.4% 🔺)
rrweb - record & CanvasManager only (gzipped) 19.41 KB (+0.32% 🔺)
rrweb - record only (min) 57.14 KB (+0.32% 🔺)
rrweb - record with treeshaking flags (gzipped) 15.54 KB (+0.42% 🔺)

Base automatically changed from fn/disallow-cc to sentry-v2 February 1, 2024 16:03
@mydea mydea force-pushed the fn/disallow-cc-autocomplete branch from 7d782e9 to 42e28c3 Compare February 1, 2024 16:06
@mydea
Copy link
Member Author

mydea commented Feb 1, 2024

@billyvg added another test here in rrweb that tests this "in-depth", both adding new elements, changing their values etc.

@mydea mydea marked this pull request as ready for review February 1, 2024 16:07
@mydea mydea merged commit 432fe1f into sentry-v2 Feb 1, 2024
2 checks passed
@mydea mydea deleted the fn/disallow-cc-autocomplete branch February 1, 2024 16:12
billyvg pushed a commit that referenced this pull request Apr 26, 2024
@mydea @billyvg
feat: Enforce masking of credit card fields (#166)
2af4009 
This is on top of #165, actually
fixing the behavior so that certain fields cannot be unmasked.

This is a pretty straightforward fix, a bit "hacky" but should work well
enough.

Fixes getsentry/sentry-javascript#10258

---------

Co-authored-by: mydea <mydea@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@billyvg billyvg billyvg approved these changes

@c298lee c298lee Awaiting requested review from c298lee

Assignees

@mydea mydea

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Replay: Make unmasking of detectable sensitive fields impossible
2 participants
@mydea @billyvg