From 0ec68943dddc9cefd962a613d3bc4728f4c99275 Mon Sep 17 00:00:00 2001 From: Joe Haines Date: Mon, 8 Feb 2021 10:10:20 +0000 Subject: [PATCH 1/5] Support the new redacted keys option --- config/bugsnag.php | 11 +++++++++++ src/BugsnagServiceProvider.php | 4 ++++ 2 files changed, 15 insertions(+) diff --git a/config/bugsnag.php b/config/bugsnag.php index c3204549..a5c6da42 100644 --- a/config/bugsnag.php +++ b/config/bugsnag.php @@ -317,4 +317,15 @@ */ 'discard_classes' => empty(env('BUGSNAG_DISCARD_CLASSES')) ? null : explode(',', env('BUGSNAG_DISCARD_CLASSES')), + + /* + |-------------------------------------------------------------------------- + | Redacted Keys + |-------------------------------------------------------------------------- + | + | An array of metadata keys that should be redacted. + | + */ + + 'redacted_keys' => empty(env('BUGSNAG_REDACTED_KEYS')) ? null : explode(',', env('BUGSNAG_REDACTED_KEYS')), ]; diff --git a/src/BugsnagServiceProvider.php b/src/BugsnagServiceProvider.php index a5b7dfff..d37d6deb 100644 --- a/src/BugsnagServiceProvider.php +++ b/src/BugsnagServiceProvider.php @@ -241,6 +241,10 @@ public function register() $client->setDiscardClasses($config['discard_classes']); } + if (isset($config['redacted_keys']) && is_array($config['redacted_keys'])) { + $client->setRedactedKeys($config['redacted_keys']); + } + return $client; }); From 2354d661dead9070b641a34c6fd0058c02a35ffc Mon Sep 17 00:00:00 2001 From: Joe Haines Date: Mon, 8 Feb 2021 10:10:31 +0000 Subject: [PATCH 2/5] Add MazeRunner tests for redacted keys --- features/fixtures/docker-compose.yml | 4 ++++ features/redacted_keys.feature | 20 ++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 features/redacted_keys.feature diff --git a/features/fixtures/docker-compose.yml b/features/fixtures/docker-compose.yml index 542d94f8..6477d37e 100644 --- a/features/fixtures/docker-compose.yml +++ b/features/fixtures/docker-compose.yml @@ -13,6 +13,7 @@ services: - BUGSNAG_USE_CUSTOM_GUZZLE - BUGSNAG_REGISTER_OOM_BOOTSTRAPPER - BUGSNAG_DISCARD_CLASSES + - BUGSNAG_REDACTED_KEYS restart: "no" ports: - target: 8000 @@ -31,6 +32,7 @@ services: - BUGSNAG_USE_CUSTOM_GUZZLE - BUGSNAG_REGISTER_OOM_BOOTSTRAPPER - BUGSNAG_DISCARD_CLASSES + - BUGSNAG_REDACTED_KEYS restart: "no" ports: - target: 8000 @@ -49,6 +51,7 @@ services: - BUGSNAG_USE_CUSTOM_GUZZLE - BUGSNAG_REGISTER_OOM_BOOTSTRAPPER - BUGSNAG_DISCARD_CLASSES + - BUGSNAG_REDACTED_KEYS restart: "no" ports: - target: 8000 @@ -67,6 +70,7 @@ services: - BUGSNAG_USE_CUSTOM_GUZZLE - BUGSNAG_REGISTER_OOM_BOOTSTRAPPER - BUGSNAG_DISCARD_CLASSES + - BUGSNAG_REDACTED_KEYS restart: "no" ports: - target: 8000 diff --git a/features/redacted_keys.feature b/features/redacted_keys.feature new file mode 100644 index 00000000..9354bef6 --- /dev/null +++ b/features/redacted_keys.feature @@ -0,0 +1,20 @@ +Feature: Redacted keys + +Scenario: Keys won't be redacted with no redacted keys + Given I start the laravel fixture + When I navigate to the route "/unhandled_controller_exception" + Then I wait to receive a request + And the request is valid for the error reporting API version "4.0" for the "Bugsnag Laravel" notifier + And the event "metaData.request.httpMethod" equals "GET" + And the event "metaData.request.url" ends with "/unhandled_controller_exception" + And the event "metaData.request.userAgent" equals "Ruby" + +Scenario: Keys can be redacted from metadata + Given I set environment variable "BUGSNAG_REDACTED_KEYS" to "HTTPmethod,/^url$/" + And I start the laravel fixture + When I navigate to the route "/unhandled_controller_exception" + Then I wait to receive a request + And the request is valid for the error reporting API version "4.0" for the "Bugsnag Laravel" notifier + And the event "metaData.request.httpMethod" equals "[FILTERED]" + And the event "metaData.request.url" equals "[FILTERED]" + And the event "metaData.request.userAgent" equals "Ruby" From a0c07ffc9747ad8e62fa9780e28cd5e5ea3e15d5 Mon Sep 17 00:00:00 2001 From: Joe Haines Date: Mon, 8 Feb 2021 10:14:24 +0000 Subject: [PATCH 3/5] Add deprecation notice to filters --- config/bugsnag.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/bugsnag.php b/config/bugsnag.php index a5c6da42..d4016be6 100644 --- a/config/bugsnag.php +++ b/config/bugsnag.php @@ -75,6 +75,8 @@ | passwords, and credit card numbers to our servers. Any keys which | contain these strings will be filtered. | + | This option has been deprecated in favour of 'redacted_keys' + | */ 'filters' => empty(env('BUGSNAG_FILTERS')) ? null : explode(',', str_replace(' ', '', env('BUGSNAG_FILTERS'))), From 8dd3757295166f57316b50e686e977fa25621b0c Mon Sep 17 00:00:00 2001 From: Joe Haines Date: Mon, 8 Feb 2021 10:14:39 +0000 Subject: [PATCH 4/5] Add redacted keys to facade methods --- src/Facades/Bugsnag.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Facades/Bugsnag.php b/src/Facades/Bugsnag.php index 0fc4f290..6ab69d17 100644 --- a/src/Facades/Bugsnag.php +++ b/src/Facades/Bugsnag.php @@ -20,6 +20,7 @@ * @method static array getNotifier() * @method static string getNotifyEndpoint() * @method static \Bugsnag\Pipeline getPipeline() + * @method static array getRedactedKeys() * @method static string getSessionEndpoint() * @method static \Bugsnag\SessionTracker getSessionTracker() * @method static string getStrippedFilePath(string $file) @@ -50,6 +51,7 @@ * @method static \Bugsnag\Client setProjectRoot(string|null $projectRoot) * @method static \Bugsnag\Client setProjectRootRegex(string|null $projectRootRegex) * @method static \Bugsnag\Client setReleaseStage(string|null $releaseStage) + * @method static \Bugsnag\Client setRedactedKeys(array $redactedKeys) * @method static \Bugsnag\Client setSendCode(bool $sendCode) * @method static \Bugsnag\Client setSessionEndpoint(string $endpoint) * @method static \Bugsnag\Client setStripPath(string|null $stripPath) From 88d6a32b54134639512cc12ea25a1133682cee6e Mon Sep 17 00:00:00 2001 From: Joe Haines Date: Mon, 8 Feb 2021 10:14:49 +0000 Subject: [PATCH 5/5] Add redacted keys to changelog --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 980201ee..70153e2a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,13 @@ Changelog * Support the new `discardClasses` configuration option. This allows events to be discarded based on the exception class name or PHP error name. [#431](https://github.com/bugsnag/bugsnag-laravel/pull/431) +* Support the new `redactedKeys` configuration option. This is similar to `filters` but allows both strings and regexes. String matching is exact but case-insensitive. Regex matching allows for partial and wildcard matching. + [#432](https://github.com/bugsnag/bugsnag-laravel/pull/432) + +### Deprecations + +* The `filters` configuration option is now deprecated as `redactedKeys` can express everything that filters could and more. + ## 2.21.0 (2020-11-25) ### Enhancements