bugfix: keep "default" pii if it was attached by user

untitaker · untitaker · commit e708afc7231b · 2018-07-27T22:05:10.000+02:00
diff --git a/sentry_sdk/client.py b/sentry_sdk/client.py
@@ -86,7 +86,7 @@ def _prepare_event(self, event, scope):
         ):
             raise SkipEvent()
 
-        event = strip_event(event, client=self)
+        event = strip_event(event)
         event = flatten_metadata(event)
         return event
 
diff --git a/sentry_sdk/hub.py b/sentry_sdk/hub.py
@@ -18,6 +18,13 @@ def _internal_exceptions():
         Hub.current.capture_internal_exception()
 
 
+def _should_send_default_pii():
+    client = Hub.current.client
+    if not client:
+        return False
+    return client.options["send_default_pii"]
+
+
 class HubMeta(type):
     @property
     def current(self):
diff --git a/sentry_sdk/integrations/_wsgi.py b/sentry_sdk/integrations/_wsgi.py
@@ -1,6 +1,7 @@
 import json
 import base64
 
+from sentry_sdk.hub import _should_send_default_pii
 from sentry_sdk.stripping import AnnotatedValue
 
 
@@ -47,9 +48,19 @@ def extract_into_event(self, event):
         request_info["url"] = self.url
         request_info["query_string"] = self.query_string
         request_info["method"] = self.method
-        request_info["headers"] = dict(self.headers)
+
         request_info["env"] = dict(get_environ(self.env))
-        request_info["cookies"] = dict(self.cookies)
+
+        if _should_send_default_pii():
+            request_info["headers"] = dict(self.headers)
+            request_info["cookies"] = dict(self.cookies)
+        else:
+            request_info["headers"] = {
+                k: v
+                for k, v in dict(self.headers).items()
+                if k.lower().replace("_", "-")
+                not in ("set-cookie", "cookie", "authentication")
+            }
 
         if self.form or self.files:
             data = dict(self.form.items())
diff --git a/sentry_sdk/integrations/django.py b/sentry_sdk/integrations/django.py
@@ -9,7 +9,7 @@
     from django.core.urlresolvers import resolve
 
 from sentry_sdk import get_current_hub, configure_scope, capture_exception
-from sentry_sdk.hub import _internal_exceptions
+from sentry_sdk.hub import _internal_exceptions, _should_send_default_pii
 from ._wsgi import RequestExtractor, get_client_ip
 from . import Integration
 
@@ -59,7 +59,7 @@ def processor(event):
             with _internal_exceptions():
                 DjangoRequestExtractor(request).extract_into_event(event)
 
-            if "user" not in event:
+            if _should_send_default_pii():
                 with _internal_exceptions():
                     _set_user_info(request, event)
 
@@ -102,6 +102,9 @@ def size_of_file(self, file):
 
 
 def _set_user_info(request, event):
+    if "user" in event:
+        return
+
     event["user"] = user_info = {"ip_address": get_client_ip(request.META)}
 
     user = getattr(request, "user", None)
diff --git a/sentry_sdk/integrations/flask.py b/sentry_sdk/integrations/flask.py
@@ -1,7 +1,7 @@
 from __future__ import absolute_import
 
 from sentry_sdk import capture_exception, get_current_hub
-from sentry_sdk.hub import _internal_exceptions
+from sentry_sdk.hub import _internal_exceptions, _should_send_default_pii
 from ._wsgi import RequestExtractor
 from . import Integration
 
@@ -52,8 +52,9 @@ def _event_processor(event):
         with _internal_exceptions():
             FlaskRequestExtractor(request).extract_into_event(event)
 
-    with _internal_exceptions():
-        _set_user_info(event)
+    if _should_send_default_pii():
+        with _internal_exceptions():
+            _set_user_info(event)
 
 
 class FlaskRequestExtractor(RequestExtractor):
diff --git a/sentry_sdk/stripping.py b/sentry_sdk/stripping.py
@@ -45,7 +45,7 @@ def inner(obj):
     return obj
 
 
-def strip_event(event, client=None):
+def strip_event(event):
     old_frames = event.get("stacktrace", {}).get("frames", None)
     if old_frames:
         event["stacktrace"]["frames"] = [strip_frame(frame) for frame in old_frames]
@@ -54,30 +54,6 @@ def strip_event(event, client=None):
     if old_request_data:
         event["request"]["data"] = strip_databag(old_request_data)
 
-    if not client or not client.options["send_default_pii"]:
-        event = strip_default_pii(event)
-
-    return event
-
-
-def strip_default_pii(event):
-    if event.get("user"):
-        event["user"] = None
-
-    request = event.get("request")
-    if request:
-        if request.get("cookies"):
-            request["cookies"] = None
-        if request.get("headers"):
-            headers = request["headers"]
-            for key in list(headers):
-                if key.lower().replace("_", "-") in (
-                    "set-cookie",
-                    "cookie",
-                    "authentication",
-                ):
-                    headers[key] = None
-
     return event
 
 
