Skip to content

Commit

Permalink
feat(replays): Add PII scrubbing to performance spans (#1730)
Browse files Browse the repository at this point in the history 
closes: getsentry/replay-backend#243

Co-authored-by: Joris Bayer <joris.bayer@sentry.io>
  • Loading branch information
@cmanallen @jjbayer @olksdr
2 people authored and olksdr committed Jan 11, 2023
1 parent c67e94e commit 821729d
Show file tree
Hide file tree
Showing 4 changed files with 84 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
- Remove concurrent profiling. ([#1697](https://github.com/getsentry/relay/pull/1697))
- Use the main Sentry SDK to submit crash reports instead of a custom curl-based backend. This removes a dependency on `libcurl` and ensures compliance with latest TLS standards for crash uploads. Note that this only affects Relay if the hidden `_crash_db` option is used. ([#1707](https://github.com/getsentry/relay/pull/1707))
- Support transaction naming rules. ([#1695](https://github.com/getsentry/relay/pull/1695))
- Add PII scrubbing to URLs captured by replay recordings ([#1730](https://github.com/getsentry/relay/pull/1730))

## 22.12.0

Expand Down
46 changes: 45 additions & 1 deletion relay-replays/src/recording.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -174,7 +174,9 @@ impl RecordingProcessor<'_> {
Some(message) => self.strip_pii(message)?,
None => {}
},
CustomEventDataVariant::PerformanceSpan(_) => {}
CustomEventDataVariant::PerformanceSpan(span) => {
self.strip_pii(&mut span.payload.description)?;
}
}

Ok(())
Expand Down Expand Up @@ -677,6 +679,48 @@ mod tests {
unreachable!();
}

#[test]
fn test_scrub_pii_navigation() {
let payload = include_bytes!("../tests/fixtures/rrweb-performance-navigation.json");
let mut events: Vec<Event> = serde_json::from_slice(payload).unwrap();

recording::strip_pii(&mut events).unwrap();

let event = events.pop().unwrap();
if let recording::Event::T5(custom) = &event {
if let recording::CustomEventDataVariant::PerformanceSpan(span) = &custom.data {
assert_eq!(
&span.payload.description,
"https://sentry.io?credit-card=[creditcard]"
);
return;
}
}

unreachable!();
}

#[test]
fn test_scrub_pii_resource() {
let payload = include_bytes!("../tests/fixtures/rrweb-performance-resource.json");
let mut events: Vec<Event> = serde_json::from_slice(payload).unwrap();

recording::strip_pii(&mut events).unwrap();

let event = events.pop().unwrap();
if let recording::Event::T5(custom) = &event {
if let recording::CustomEventDataVariant::PerformanceSpan(span) = &custom.data {
assert_eq!(
&span.payload.description,
"https://sentry.io?credit-card=[creditcard]"
);
return;
}
}

unreachable!();
}

#[test]
fn test_pii_ip_address_removal() {
let payload = include_bytes!("../tests/fixtures/rrweb-pii-ip-address.json");
Expand Down
19 changes: 19 additions & 0 deletions relay-replays/tests/fixtures/rrweb-performance-navigation.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
[
{
"type": 5,
"timestamp": 1665063926.125,
"data": {
"tag": "performanceSpan",
"payload": {
"op": "navigation.navigate",
"description": "https://sentry.io?credit-card=4111-1111-1111-1111",
"startTimestamp": 1665063926.125,
"endTimestamp": 1665063926.833,
"data": {
"size": 9538,
"duration": 710
}
}
}
}
]
19 changes: 19 additions & 0 deletions relay-replays/tests/fixtures/rrweb-performance-resource.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
[
{
"type": 5,
"timestamp": 1665063926.263,
"data": {
"tag": "performanceSpan",
"payload": {
"op": "resource.link",
"description": "https://sentry.io?credit-card=4111-1111-1111-1111",
"startTimestamp": 1665063926.263,
"endTimestamp": 1665063926.386,
"data": {
"size": 31872,
"encodedBodySize": 31356
}
}
}
}
]

0 comments on commit 821729d

Please sign in to comment.