This repository has been archived by the owner on May 24, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 5
Do not sent POST body to Sentry #261
Comments
@relud @jvehent @mostlygeek Feedback? |
I definitely think it should be omitted |
I favor omission too. Are there circumstances where having the URLs would help with debugging? If not, then they definitely should be omitted. |
Aye, let's omit and reduce the number of places where we store user sensitive stuff. |
Okay I was not paying attention. This is the wrong repo. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
We presently use Sentry to log exceptions, however this will send the POST body in its entirety to our ops controlled sentry instance which will contain unobfuscated URLs which come from users histories. We should be omitting or obfuscating this in some way to prevent leaking users histories.
The text was updated successfully, but these errors were encountered: