Add option to redact data from exceptions #168
@simoleone Hey, thanks for pinging, I think this predated my active involvement so wasn't quite on my radar. I'd be happy to work with you on it if you'd like to rebase it. I'll add some comments and questions now to keep this moving.
geemus left a comment
Looks good overall, just a couple points to discuss and a rebase and we will hopefully be in good shape to proceed.
| @config.fetch(:validate_header, true) | ||
| end | ||
|
|
||
| def redact_response_errors |
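Review bot: the new `redact_response_errors` reader at the end of this hunk should make its default explicit, the way the reader above it does with `@config.fetch(:validate_header, true)`. The method body is not visible in this excerpt, so check that it uses the same `fetch` form with a stated default, and add a comment saying what that default is, because an unset option decides whether raw values stay in exception messages.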
From looking at validators/etc, I think maybe this would impact any validations (not just response ones). Could you verify? Especially if that is true, it probably would make sense to just have this be named redact_errors.
Also, it would be great to add one or more tests to verify the behavior for things other than response.
Great! Thank you! Will do as soon as I get a free minute 😬
Hello!
It is useful to be able to redact data values in production environments. This prevents PII and other sensitive data from reaching logging and error reporting systems. It's especially useful for response validation error handling, when the server will typically respond with an HTTP 500 and a generic error message, and an exception reporting tool will receive the raw exception.
This PR adds an option to do this, and modifies all of the exception classes which contain a value to support redacting the value. I also refactored the Options class to pass it around throughout the validation code instead of destructuring it into the individual options it contains. This is a bit more flexible if more options are needed in the future.
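The pattern described above, as an added sketch that is not part of the PR or the project's code: an options object passed whole into validation, and an exception that redacts its value when the option is set. `ExampleOptions`, `TypeMismatchError`, the helper methods and the schema reference are hypothetical names, and discarding the raw value at construction is a design choice of this sketch.

```ruby
# Added illustration: ExampleOptions, TypeMismatchError and the helpers are
# hypothetical names, not the project's classes.
REDACTED = "<redacted>".freeze

# Options travel as one object, so a new flag needs no signature changes.
class ExampleOptions
  attr_reader :redact_errors

  def initialize(redact_errors: false)
    @redact_errors = redact_errors
  end
end

class TypeMismatchError < StandardError
  attr_reader :reference, :value

  def initialize(value, reference, options)
    @reference = reference
    @redacted = options.redact_errors
    # Drop the raw value at construction: error reporters that dump instance
    # variables then have nothing sensitive to serialize.
    @value = @redacted ? REDACTED : value
    super()
  end

  # Exception#message delegates to #to_s, so both are covered here.
  def to_s
    shown = @redacted ? REDACTED : "#{@value.class}: #{@value.inspect}"
    "#{@reference} expected integer, but received #{shown}"
  end
end

def validate_integer!(value, reference, options)
  return value if value.is_a?(Integer)

  raise TypeMismatchError.new(value, reference, options)
end

# Returns what a logger or exception reporter would see, or nil when valid.
def reported_message(value, options)
  validate_integer!(value, "#/components/schemas/User/properties/ssn", options)
  nil
rescue TypeMismatchError => e
  e.message
end
```

The schema reference stays in the message in both modes, so the failing field can still be located without the value.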