Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't include headers & request info in tracing span or breadcrumb #1199

Merged
merged 2 commits into from
Jan 14, 2021
Merged

Don't include headers & request info in tracing span or breadcrumb #1199

merged 2 commits into from
Jan 14, 2021

Conversation

st0012
Copy link
Collaborator

@st0012 st0012 commented Jan 13, 2021
edited
Loading

Data like request or headers can be huge in some applications. They're also likely to contain complex data structure that's hard/impossible to serialize (some might cause infinite loop).

Consider those information should have been collected in the request interface of the event, storing them in breadcrumbs could cause more harm than benefit.

@st0012 st0012 added this to the 4.1.4 milestone Jan 13, 2021
@st0012 st0012 self-assigned this Jan 13, 2021
@st0012 st0012 added this to In progress in 4.x via automation Jan 13, 2021
@codecov-io
Copy link

codecov-io commented Jan 13, 2021
edited
Loading

Codecov Report

Merging #1199 (8acb142) into master (f701932) will increase coverage by 0.91%.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1199      +/-   ##
==========================================
+ Coverage   97.99%   98.90%   +0.91%     
==========================================
  Files         192       28     -164     
  Lines        8181      733    -7448     
==========================================
- Hits         8017      725    -7292     
+ Misses        164        8     -156
Impacted Files Coverage Δ
...b/sentry/rails/breadcrumb/active_support_logger.rb 100.00% <100.00%> (ø)
...ntry/rails/tracing/action_controller_subscriber.rb 100.00% <100.00%> (ø)
...ec/sentry/rails/active_support_breadcrumbs_spec.rb 100.00% <100.00%> (ø)
...rails/tracing/action_controller_subscriber_spec.rb 100.00% <100.00%> (ø)
.../lib/raven/integrations/rails/backtrace_cleaner.rb
sentry-raven/lib/raven/interfaces/message.rb
sentry-ruby/spec/sentry/event_spec.rb
sentry-ruby/spec/sentry/transaction_spec.rb
sentry-raven/spec/raven/transports/http_spec.rb
...s/rails/overrides/debug_exceptions_catcher_spec.rb
... and 158 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f701932...8acb142. Read the comment docs.

@st0012 st0012 added the tracing label Jan 13, 2021
@st0012
Remove certain data from ActiveSupportLogger
8acb142 
Data like `request` or `headers` can be huge in some applications.
They're also likely to contain complex data structure that's
hard/impossible to serialize (some might cause infinite loop).

Consider those information should have been collected in the `request`
interface of the event, storing them in breadcrumbs could cause more
harm than benefit.
@st0012 st0012 changed the title Don't include headers & request info in tracing span Don't include headers & request info in tracing span or breadcrumb Jan 13, 2021
@st0012 st0012 merged commit 7be2f1d into master Jan 14, 2021
4.x automation moved this from In progress to Done Jan 14, 2021
@st0012 st0012 deleted the reduce-unnecessary-payload branch January 14, 2021 01:56
@st0012 st0012 mentioned this pull request Jan 14, 2021
Closed
@leonid-shevtsov
Copy link

This is not enough, you need to also remove response - in particular because it contains a reference to request - and many other nasty objects too.

st0012 added a commit that referenced this pull request Jun 3, 2021
@st0012
Make sure span/breadcrumb doesn't contain response data
cf31b5e 
For the same reason mentioned in #1199
@st0012 st0012 mentioned this pull request Jun 3, 2021
Merged
@st0012
Copy link
Collaborator Author

st0012 commented Jun 3, 2021

@leonid-shevtsov I'm sorry that I missed this comment 🙇 I've added #1463 to fix the issue.

st0012 added a commit that referenced this pull request Jun 3, 2021
@st0012
Make sure span/breadcrumb doesn't contain response data
07ef132 
For the same reason mentioned in #1199
st0012 added a commit that referenced this pull request Jun 3, 2021
@st0012
Remove response from breadcrumb and span (#1463)
a2d6bbe 
* Correct breadcrumb logger's test setup

* Make sure span/breadcrumb doesn't contain response data

For the same reason mentioned in #1199

* Extract data cleanup logic to a helper module

* Update changelog
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@st0012 st0012

Labels
sentry-rails tracing
Projects
4.x
  
Done
Milestone
4.1.4
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@st0012 @codecov-io @leonid-shevtsov