Skip to content

Commit 2603210

Browse files
ericapisaniclaude
andauthored
fix(tornado): Gate url.full, url.path, url.query on send_default_pii (#6664)
Gates `url.full`, `url.path`, and `url.query` span attributes in the Tornado integration behind `send_default_pii`, consistent with the same fix applied to the aiohttp (#6650) and wsgi (#6654) integrations. Adds a `send_pii` parametrize dimension to the transactions test to cover both the PII-on and PII-off paths explicitly. Fixes PY-2556 Fixes #6661 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 4296334 commit 2603210

2 files changed

Lines changed: 22 additions & 7 deletions

File tree

sentry_sdk/integrations/tornado.py

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -197,10 +197,12 @@ def _get_request_attributes(request: "Any") -> "Dict[str, Any]":
197197
for header, value in headers.items():
198198
attributes[f"{SPANDATA.HTTP_REQUEST_HEADER}.{header.lower()}"] = value
199199

200-
if request.query:
201-
attributes[SPANDATA.URL_QUERY] = request.query
200+
if should_send_default_pii():
201+
attributes[SPANDATA.URL_FULL] = request.full_url()
202+
attributes["url.path"] = request.path
202203

203-
attributes[SPANDATA.URL_FULL] = request.full_url()
204+
if request.query:
205+
attributes[SPANDATA.URL_QUERY] = request.query
204206

205207
if request.protocol:
206208
attributes[SPANDATA.NETWORK_PROTOCOL_NAME] = request.protocol

tests/integrations/tornado/test_tornado.py

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -110,6 +110,7 @@ def test_basic(tornado_testcase, sentry_init, capture_events):
110110
assert not sentry_sdk.get_isolation_scope()._tags
111111

112112

113+
@pytest.mark.parametrize("send_pii", [True, False])
113114
@pytest.mark.parametrize("span_streaming", [True, False])
114115
@pytest.mark.parametrize(
115116
"handler,code",
@@ -126,10 +127,12 @@ def test_transactions(
126127
handler,
127128
code,
128129
span_streaming,
130+
send_pii,
129131
):
130132
sentry_init(
131133
integrations=[TornadoIntegration()],
132134
traces_sample_rate=1.0,
135+
send_default_pii=send_pii,
133136
_experiments={"trace_lifecycle": "stream" if span_streaming else "static"},
134137
)
135138

@@ -185,11 +188,18 @@ def test_transactions(
185188
assert server_segment["attributes"]["http.request.method"] == "POST"
186189
assert server_segment["attributes"]["http.request.body.data"] == "heyoo"
187190
assert server_segment["attributes"]["http.response.status_code"] == code
188-
assert server_segment["attributes"]["url.query"] == "foo=bar"
189-
assert server_segment["attributes"]["url.full"].endswith("/hi?foo=bar")
190-
assert server_segment["attributes"]["url.full"].startswith("http://")
191191
assert server_segment["status"] == ("ok" if code == 200 else "error")
192192
assert client_segment["trace_id"] == server_segment["trace_id"]
193+
194+
if send_pii:
195+
assert server_segment["attributes"]["url.query"] == "foo=bar"
196+
assert server_segment["attributes"]["url.full"].endswith("/hi?foo=bar")
197+
assert server_segment["attributes"]["url.full"].startswith("http://")
198+
assert server_segment["attributes"]["url.path"] == "/hi"
199+
else:
200+
assert "url.query" not in server_segment["attributes"]
201+
assert "url.full" not in server_segment["attributes"]
202+
assert "url.path" not in server_segment["attributes"]
193203
else:
194204
if code == 200:
195205
client_tx, server_tx = events
@@ -227,7 +237,7 @@ def test_transactions(
227237

228238
request = server_tx["request"]
229239
host = request["headers"]["Host"]
230-
assert server_tx["request"] == {
240+
expected_request = {
231241
"env": {"REMOTE_ADDR": "127.0.0.1"},
232242
"headers": {
233243
"Accept-Encoding": "gzip",
@@ -239,6 +249,9 @@ def test_transactions(
239249
"data": {"heyoo": [""]},
240250
"url": "http://{host}/hi".format(host=host),
241251
}
252+
if send_pii:
253+
expected_request["cookies"] = {}
254+
assert server_tx["request"] == expected_request
242255

243256
assert (
244257
client_tx["contexts"]["trace"]["trace_id"]

0 commit comments

Comments
 (0)