search

getsentry / sentry

Developer-first error tracking and performance monitoring
https://sentry.io
Other
39.3k stars 4.21k forks source link

Data Scrubbing rules - show errors and capabilities #51245

Open iker-barriocanal opened 1 year ago

iker-barriocanal commented 1 year ago

Environment

SaaS (https://sentry.io/)

Steps to Reproduce

These issues happen in a project's and/or org's data scrubbing settings, in the following URLs:

Expected Result

  1. When updating advanced data scrubbing rules on the project settings page, the UI doesn’t always show errors returned by the server and falls back to “unknown error”. Examples: doesn’t show ~“regex is too big” error, but it shows regex lookahead isn’t supported.
  2. Additional sensitive fields, in Data Scrubbing, are case insensitive. The product doesn't directly tell this and makes some people duplicate the literals to support different upper/lower cases.

Actual Result

  1. All errors from the server are shown to the user.
  2. The UI references/shows case insensitive literals are supported.

Product Area

Settings - Security & Privacy

Link

No response

DSN

No response

Version

No response

RaduW commented 1 year ago

This is a UI issue.

The backend correctly returns errors eg. {"relayPiiConfig":["Compiled regex exceeds size limit of 262144 bytes."]} In my test the error was not generated for a text of 5000 chars, it was generated at 12 000 chars, which would be a relatively uncommon problem.

Did not try with various complex regexes that might generate a large compiled regexes.

In regards to case sensitivity Sentry documentation is quite clear about the regexes used, it goes well beyond explaining how to do case sensitive/insensitive searches, please see:

https://docs.sentry.io/product/data-management-settings/scrubbing/advanced-datascrubbing/?original_referrer=https%3A%2F%2Fwww.google.com%2F#data-types