bugsnag / bugsnag-js

JavaScript error handling tool for BugSnag. Monitor and report JavaScript bugs & errors.
https://docs.bugsnag.com/platforms/javascript
MIT License

RedactedKeys don't apply to stringified POST body #1508

Closed tims-j closed 3 years ago

tims-j commented 3 years ago

Describe the bug

The redactedKeys array doesn't get applied to the body in the event metaData when the body is a stringified JSON object.

Steps to reproduce

This is going to be largely determined by the project implementation.

  1. Use the default redactedKeys (which includes "password") for the Bugsnag implementation.
  2. Add all event metaData to the Bugsnag event on the notify call: event.addMetadata("additional info", metaData);
  3. Trigger a server-side POST error that contains a POST body that includes a redacted key.
  4. console.log out the event before Bugsnag.notify is called.
  5. Ensure POST body data in the metaData is being stringified.
  6. Check the corresponding event in Bugsnag to see the POST data not being filtered.

Environment

Example code snippet

    const { error, errorCode, message, metaData } = errorData;
    console.log("🚀 ~ file: clientLogger.tsx ~ line 98 ~ errorData", errorData);
    Bugsnag.notify(error, event => {
      if (metaData) {
        event.addMetadata("additional info", metaData);
      }
    });

redacted-bugsnag-console-log

The console.log above is the raw data being sent through Bugsnag PRIOR to any filtering. As you can see, though, the body in the metaData is a stringified object.

The equivalent bugsnag event is below:

redacted-bugsnag-log

My assumption here is that the redactedKeys isn't getting applied / matched because the POST body is a stringified object. I believe that bugsnag should first try to JSON.parse the body and then try to apply its filtering.

tims-j commented 3 years ago

For some more context, our client-side app has an API middleware that catches 5xx HTTP response codes from the API server. If the server responds with an error, we capture this and log an error to Bugsnag, which is how we are able to catch server-side POST errors.

yousif-bugsnag commented 3 years ago

Hi @tims-j,

If the metadata is added as a JSON string, Bugsnag will not find any matching keys for redaction. You would need to add this as a JSON object.

> I believe that bugsnag should first try to JSON.parse the body and then try to apply its filtering.

This would effectively require a call to JSON.parse for every string metadata property in an event in order to check if it is valid JSON, which would have a serious performance impact.

If you know that your metadata is likely to contain sensitive information we'd recommend calling JSON.parse before adding it to an event.

I'm closing this issue out but please feel free to write in to us at support@bugsnag.com if you have any specific questions.
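The following is an added example, not part of the thread and not bugsnag-js code: one way to apply the advice above in application code, by expanding JSON-encoded strings into objects before the metadata reaches event.addMetadata. The helper names expandJsonStrings and redactByKey are hypothetical, and redactByKey is only a simplified stand-in for key-based redaction used to show the difference on a constructed sample.

```javascript
// Added example: hypothetical helpers, not code from bugsnag-js or the thread.

// Copy `value`, replacing any string that holds a JSON object or array with
// the parsed structure so key-based redaction can see the keys inside it.
// Only strings starting with "{" or "[" are parsed, to limit the cost.
function expandJsonStrings(value, depth = 0) {
  if (depth > 8) return value; // bound recursion on deep or re-encoded input
  if (typeof value === "string") {
    const trimmed = value.trim();
    if (!trimmed.startsWith("{") && !trimmed.startsWith("[")) return value;
    try {
      return expandJsonStrings(JSON.parse(trimmed), depth + 1);
    } catch (err) {
      return value; // not valid JSON: keep the original string
    }
  }
  if (Array.isArray(value)) return value.map(v => expandJsonStrings(v, depth + 1));
  if (value !== null && typeof value === "object") {
    // Object.fromEntries defines own properties, so a "__proto__" key is inert.
    return Object.fromEntries(
      Object.entries(value).map(([k, v]) => [k, expandJsonStrings(v, depth + 1)])
    );
  }
  return value;
}

// Simplified stand-in for key-based redaction (assumption: exact key match;
// this is not Bugsnag's implementation), used to show the difference.
function redactByKey(value, keys) {
  if (Array.isArray(value)) return value.map(v => redactByKey(v, keys));
  if (value === null || typeof value !== "object") return value;
  return Object.fromEntries(
    Object.entries(value).map(([k, v]) =>
      [k, keys.includes(k) ? "[REDACTED]" : redactByKey(v, keys)])
  );
}

// Constructed sample shaped like the metaData in the report.
const sampleMetaData = {
  url: "/api/login",
  body: JSON.stringify({ username: "alice", password: "hunter2" }),
};
const before = redactByKey(sampleMetaData, ["password"]);
const after = redactByKey(expandJsonStrings(sampleMetaData), ["password"]);

// In the reporter's callback:
//   event.addMetadata("additional info", expandJsonStrings(metaData));
```

Here `before.body` is still a string that contains the password, while `after.body` is an object whose `password` value has been replaced.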