Skip to content

docs(relay): update the data scrubbing default values #11949

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
martinhaintz merged 1 commit into from
Dec 2, 2024
Merged

docs(relay): update the data scrubbing default values #11949

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 2 additions & 4 deletions docs/security-legal-pii/scrubbing/server-side-scrubbing/index.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,15 +20,13 @@ With it enabled, Sentry will scrub the following:
- passwd
- api_key
- apikey
- access_token
- auth
- credentials
- mysql_pwd
- stripetoken
- card[number]
- github_token
- privatekey
- private_key
- token
- bearer
- Values that contain strings in, or whose keynames are listed in, [Project] > Settings > Security & Privacy in "Additional Sensitive Fields".
- An entry in "Additional Sensitive Fields" such as `mysekret`, for example, will cause the removal of any field named `mysekret`, but also removes any field _value_ that contains `mysekret`. Sentry does this to protect against sensitive data leaking as part of structured data that has been sent as a single string to Sentry (such as a JSON object that is stringified and embedded as JSON string in another JSON structure).
- As an extreme example where this behavior can become surprising, the string `"Unexpected error"` will be removed from events if the entry `exp` is in "Additional Sensitive Fields".
Expand Down