fix(pii): Scrub sensitive cookies #1951

Merged
merged 12 commits into from
Mar 22, 2023

jjbayer commented Mar 20, 2023

Always scrub cookies that are known to be session cookies.

Fixes #1706

jjbayer requested a review from mdtro March 20, 2023 15:17
jjbayer added a commit that referenced this pull request Mar 21, 2023
If a list of chunks consists only of replacements, the following debug
assertion at the end of `apply_replacement_chunks` might fail (see
test):

https://github.com/getsentry/relay/blob/a8ee53cc26b8d7bd10cfa919e672894edbd65916/relay-general/src/pii/processor.rs#L346

Add an early return to prevent this failure.

This popped up in a test case in #1951.
mdtro force-pushed the fix/scrub-session branch from cfe9e6c to 790d522 March 21, 2023 16:23
mdtro marked this pull request as ready for review March 21, 2023 16:52
mdtro requested a review from a team March 21, 2023 16:52
jjbayer left a comment

I cannot formally approve, but this looks good to go to me!

CHANGELOG.md (outdated, resolved)
relay-general/src/pii/convert.rs (resolved)
mdtro force-pushed the fix/scrub-session branch from 44ed9ea to 83f2870 March 22, 2023 17:02
mdtro merged commit 179462d into master Mar 22, 2023
mdtro deleted the fix/scrub-session branch March 22, 2023 17:22
jan-auer added a commit that referenced this pull request Mar 24, 2023
* master:
  feat(normalization): Mark scrubbed transactions as sanitized (#1960)
  fix(pii): Scrub sensitive cookies (#1951)
  release: 23.3.1
  feat(pii-scrubbing): PII scrub span.data by default (#1953)
  test(scrubbing): Add tests for PII scrubbing in breadcrumb.data (#1955)
  build(deps): bump sentry-sdk from 1.11.0 to 1.14.0 (#1959)
  ref(envelope_manager): Remove from_registry calls from the service (#1956)
  cd: add placeholder deployment pipeline (#1954)
  Assert array fields are capped to 100 items (#1910)
  fix(pii): Early return if no text left (#1957)

Successfully merging this pull request may close these issues.

pii: Scrub session cookie by default