Scrubbing errors?

[Faithfinder]

Right now the whole request gets appended to the error message, e.g. the message looks like this:

"Error from the server: {"response":{"errors":[{"message":"Error from the server","extensions":{"code":"FORBIDDEN","response":{"statusCode":403,"message":"Only admins can impersonate","error":"Forbidden"}}}],"data":null,"status":200,"headers":{"map":{"content-length":"191","content-type":"application/json; charset=utf-8"}}},"request":{"query":"\n    mutation SomeMutation($input: SomeInput!) {\n  someMutation(input: $input) {\n    token\n  }\n}\n    ","variables":{"input":{"email":"someemail@example.com","password":"123457"}}}}"

This then goes to Sentry, leaking user password. I would like to scrub it, but the fact that it's just a string makes it a pain in the ass. Any advice?

[Faithfinder]

Genius ideas are simplest. For now I'm just doing an error.message = error.message.split(' :{')[0]; as a workaround. Still, not sure including the whole meta in the message is a good idea.