Query Parameter Redaction should be configurable in code.

[Wraith2]

Component

OpenTelemetry.Instrumentation.AspNet

Is your feature request related to a problem?

Query parameter redaction is enabled for aspnet and aspnetcore instrumentation by default which is a reasonable security practice. Once you realise that this behaviour is occuring if you want to turn it off you will have to find out how to do it which will take a lot of searching by users and possibly ending up in the codebase to find that the only way to disable query redaction is to set the OTEL_DOTNET_EXPERIMENTAL_ASPNETCORE_DISABLE_URL_QUERY_REDACTION environment variable to true.

What is the expected behavior?

AspNetCoreTraceInstrumentationOptions and AspNetTraceInstrumentationOptions have an internal bool DisableUrlQueryRedaction property. This property should be public so that this capability is discoverable and configurable.
There is no reason given for the feature to be experimental.

Which alternative solutions or features have you considered?

setting the environment variable.

Additional context

Using secure defaults is a sensible thing to do but obscuring the capability to disable this capability goes beyond opinionated and approaches obstructive.

[TimothyMothra]

Duplicate of #1954.

The current feature is still Experimental which is why it's behind the OTEL_DOTNET_EXPERIMENTAL_HTTPCLIENT_DISABLE_URL_QUERY_REDACTION environment variable instead of the PublicApi.

We're waiting for the OpenTelemetry Community to define how to handle this feature. That conversation is still ongoing: open-telemetry/semantic-conventions#961

[Wraith2]

duplicate, i'll move conversation to #1954