This repository has been archived by the owner on Dec 4, 2018. It is now read-only.
No way to filter authorization header #127
Labels
Comments
|
Hi Joe, thanks for the report. I've discussed with with the team and it seems like a perfectly reasonable suggestion. I'll get it scheduled. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Expected behavior
Our Bugsnag is configured for express. When an express request has an error, Bugsnag logs all sorts of useful info about the request, including HTTP headers. The authorization header contains sensitive information and recording them in Bugsnag could violate privacy concerns. Depending on the application, other HTTP headers could contain information that is just as sensitive. Adding adding a configuration filter for authorization should also apply the filter to headers.
Observed behavior
Adding a filter does not apply to headers when used with express.
The text was updated successfully, but these errors were encountered: