fix(plug): broader scrubbing#1070
Draft
solnic wants to merge 3 commits into
Draft
Conversation
solnic
force-pushed
the
refa/consolidate-plug-scrubber-access
branch
3 times, most recently
from
dbe6f3d to
8408dda
Compare
solnic
force-pushed
the
fix/broaden-conn-scrubber
branch
2 times, most recently
from
4b61f38 to
2cf2586
Compare
solnic
force-pushed
the
refa/consolidate-plug-scrubber-access
branch
2 times, most recently
from
4b4dd34 to
e05c35a
Compare
solnic
force-pushed
the
fix/broaden-conn-scrubber
branch
from
2cf2586 to
67cf7dd
Compare
solnic
changed the base branch from
refa/consolidate-plug-scrubber-access
to
fix/scrub-sensitive-data-from-stacktraces
solnic
force-pushed
the
fix/broaden-conn-scrubber
branch
from
67cf7dd to
7b02f6c
Compare
solnic
force-pushed
the
fix/scrub-sensitive-data-from-stacktraces
branch
2 times, most recently
from
03dd2d1 to
9240a03
Compare
solnic
force-pushed
the
fix/broaden-conn-scrubber
branch
from
7b02f6c to
613318d
Compare
solnic
force-pushed
the
fix/scrub-sensitive-data-from-stacktraces
branch
from
9240a03 to
587cfb4
Compare
solnic
force-pushed
the
fix/broaden-conn-scrubber
branch
3 times, most recently
from
249ba4a to
ddb724d
Compare
Add a Phoenix integration endpoint that fabricates a plain FunctionClauseError (not a Phoenix.ActionClauseError) and assert that its captured stacktrace frame vars are scrubbed by Sentry.Event via StacktraceScrubber, independently of PlugCapture's ActionClauseError handling. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Expand the default @scrubbable_conn_fields so scrub/1 also clears req_cookies and assigns, scrubs body_params and query_params with the default sensitive keys, and reduces private to an allow-list of framework metadata — in addition to today's cookies/req_headers/params. assigns is cleared wholesale because auth libraries (Guardian, Pow, Coherence) routinely store decoded tokens, full user structs, and password hashes there, where no key-based heuristic redacts safely. private mixes sensitive data (the decoded session under :plug_session, Guardian's raw JWT) with high-signal framework routing metadata, so it uses the :private_allow_list strategy: Phoenix routing/render keys are retained (configurable via :scrub_conn_private_allow_list) and everything else is dropped. This keeps the most useful triage breadcrumb — which controller/action failed — without leaking secrets. Expressed entirely through the strategy-aware attribute and the allow-list mechanism from earlier commits — no changes to scrub/1 dispatch or to the consumers (Sentry.PlugContext and Sentry.PlugCapture both funnel through Sentry.Scrubber.scrub/1). The PlugContext request-interface payload is unchanged (it reads back only params/cookies/req_headers); the broadening manifests on the PlugCapture ActionClauseError conn path. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…q_cookies scrubbing Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
solnic
force-pushed
the
fix/broaden-conn-scrubber
branch
from
c3da499 to
72a3430
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
TBD