elixir-error-tracker / error-tracker

🐛 An Elixir-based built-in error reporting and tracking solution
https://hex.pm/packages/error_tracker
Apache License 2.0
418 stars, 18 forks

API tokens should be anonymized/removed in error context #88

Closed jaimeiniesta closed 1 month ago

jaimeiniesta commented 2 months ago

For errors in API requests where authorization is done with a bearer token, this token should be removed or filtered out before saving to DB. For example, in this context:

{
  "request.headers": {
    "accept": "application/json, text/plain, */*",
    "authorization": "Bearer 12341234"
  },
  "request.host": "example.com",
  "request.path": "/api/v1/reports"
}

I should not be able to see Bearer 12341234 and instead I'd expect something like Bearer REMOVED or no authorization details at all.

jaimeiniesta commented 2 months ago

Something that would work in my case is some behaviour that I can implement, similar to the Pruner, that would let me review the context before it is saved to the DB and let me automate modifying it. In my case it would look for request.headers.authorization and replace its value with "REMOVED", or maybe do a search and replace it with "READ-ONLY TOKEN FOR USER 1234".
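
One way to implement the scrubbing step described in the comment above, as an added example that is not part of the original issue and not error_tracker's own code: a hypothetical `ContextScrubber` module that walks the context map recursively, replaces the values of well-known credential headers (`authorization`, `cookie`, `x-api-key`, and so on, matched case-insensitively and also as the last segment of a dotted key such as `request.headers.authorization`), and additionally redacts `Bearer`/`Basic` credentials that appear inside free-form strings such as log lines. The key list, the regex and the `[REDACTED]` marker are assumptions chosen for the example; the sample context is constructed from the one in the issue. The optional second argument covers the poster's other idea of substituting a descriptive label instead of a fixed marker.

```elixir
defmodule ContextScrubber do
  @moduledoc """
  Hypothetical helper (not part of error_tracker): redacts credentials from an
  error context map before it is handed to whatever persists it.
  """

  # Header/key names whose values are always replaced (assumed list, compared
  # case-insensitively after downcasing).
  @sensitive_keys ~w(authorization proxy-authorization cookie set-cookie x-api-key)

  # Bearer/Basic credentials embedded in free-form strings (log lines, messages).
  # Group 1 keeps the scheme so the redacted text still reads "Bearer [REDACTED]".
  @token_in_string ~r{\b(Bearer|Basic)\s+[A-Za-z0-9\-._~+/]+=*}i

  @redacted "[REDACTED]"

  @doc """
  Recursively scrub maps, lists and strings. `replacement` is what sensitive
  values and embedded tokens are replaced with (defaults to "[REDACTED]").
  """
  def scrub(context, replacement \\ @redacted)

  # Plain maps: redact sensitive keys outright, recurse into everything else.
  # Structs are left untouched rather than enumerated (guarded by is_struct/1).
  def scrub(context, replacement) when is_map(context) and not is_struct(context) do
    Map.new(context, fn {key, value} ->
      if sensitive_key?(key),
        do: {key, replacement},
        else: {key, scrub(value, replacement)}
    end)
  end

  def scrub(context, replacement) when is_list(context),
    do: Enum.map(context, &scrub(&1, replacement))

  # Strings: scrub credentials that were interpolated into messages.
  def scrub(value, replacement) when is_binary(value),
    do: Regex.replace(@token_in_string, value, "\\1 #{replacement}")

  def scrub(other, _replacement), do: other

  defp sensitive_key?(key) when is_atom(key), do: sensitive_key?(Atom.to_string(key))

  defp sensitive_key?(key) when is_binary(key) do
    # Match "authorization" as well as a flattened path like
    # "request.headers.authorization" by looking at the last dotted segment.
    key
    |> String.downcase()
    |> String.split(".")
    |> List.last()
    |> then(&(&1 in @sensitive_keys))
  end

  defp sensitive_key?(_), do: false
end

# Constructed sample context, based on the one shown in the issue plus a
# string that carries the token a second time.
context = %{
  "request.headers" => %{
    "accept" => "application/json, text/plain, */*",
    "authorization" => "Bearer 12341234"
  },
  "request.host" => "example.com",
  "request.path" => "/api/v1/reports",
  "log" => "retrying with Authorization: Bearer 12341234"
}

IO.inspect(ContextScrubber.scrub(context), label: "default")
# "authorization" becomes "[REDACTED]" and the log line becomes
# "retrying with Authorization: Bearer [REDACTED]"; host and path are unchanged.

IO.inspect(ContextScrubber.scrub(context, "READ-ONLY TOKEN FOR USER 1234"), label: "labelled")
```

Call `ContextScrubber.scrub/1` on the context at the last point your application still controls it, before it is passed to whatever writes it to the database; which hook error_tracker exposes for that is not established by this thread (the maintainer only says a filtering behaviour is on the roadmap). Two caveats a practitioner will want: redact by key rather than by value pattern wherever possible, since key matching cannot miss an unusually formatted token, and keep the string-level regex as a second line of defence only, because any credential format it does not recognise will still be stored in clear.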

crbelaus commented 2 months ago

This makes a lot of sense and is definitely on the roadmap. Thanks for reporting this issue @jaimeiniesta