search

open-telemetry / opentelemetry-go-contrib

Collection of extensions for OpenTelemetry-Go.
https://opentelemetry.io/
Apache License 2.0
1.14k stars 541 forks source link

Add Redaction to otelhttp #3895

Open fpozzobon opened 1 year ago

fpozzobon commented 1 year ago

Problem Statement

Some attributes passed to attributes might contain sensitive data (example: http.url)

Proposed Solution

As a consumer of the library, it would be great to have possibility to apply redaction (masking value) to a defined set of attributes.

Alternatives

In place of redaction we could:

  1. Apply a filter option which would dismiss the attributes
  2. Apply an option which would enable consumer to define request/response attributes

Prior Art

Redaction option already exists for header

Additional Context

To be compliant with GDPR, it is important for consumer of the library to have the possibility to mask attribute values

dmathieu commented 1 year ago

Related, for mongo: https://github.com/open-telemetry/opentelemetry-go-contrib/pull/3662

I wonder if it wouldn't be good to start an otep on this, so every SDK can use similar approaches.