bengourley
commented
6 years ago Hi Joe, thanks for the report. I've discussed with with the team and it seems like a perfectly reasonable suggestion. I'll get it scheduled.
Closed CTOJoe closed 6 years ago
bengourley
commented
6 years ago Hi Joe, thanks for the report. I've discussed with with the team and it seems like a perfectly reasonable suggestion. I'll get it scheduled.
Expected behavior
Our Bugsnag is configured for express. When an express request has an error, Bugsnag logs all sorts of useful info about the request, including HTTP headers. The authorization header contains sensitive information and recording them in Bugsnag could violate privacy concerns. Depending on the application, other HTTP headers could contain information that is just as sensitive. Adding adding a configuration filter for authorization should also apply the filter to headers.
Observed behavior
Adding a filter does not apply to headers when used with express.