Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sanitize potential security sensitive info in HTTP headers, cookies and POST form fields #300

Closed
SergeyKleyman opened this issue Jun 18, 2019 · 3 comments
Closed

Sanitize potential security sensitive info in HTTP headers, cookies and POST form fields #300

SergeyKleyman opened this issue Jun 18, 2019 · 3 comments
Assignees
@gregkalapos
Labels
cross APM agents good first issue Good for newcomers security Security related items technical debt
Milestone
7.5

Comments

@SergeyKleyman
Copy link
Contributor

Sanitize (sanitise, scrub, redact, remove) potential security sensitive info in HTTP headers, cookies and POST form fields.

Implementations by other Elastic APM agents:

Agent Configuration setting
Java sanitize_field_names
Go sanitize_field_names
node.js filterHttpHeaders
Ruby custom_key_filters
@SergeyKleyman SergeyKleyman added enhancement New feature or request security Security related items technical debt and removed enhancement New feature or request labels Jun 18, 2019
@SergeyKleyman SergeyKleyman added this to the 1.0 milestone Jun 22, 2019
@SergeyKleyman SergeyKleyman added the good first issue Good for newcomers label Jul 17, 2019
@gregkalapos
Copy link
Contributor

In 1.0GA we don't implement it, since it can be turned off. We move this after 1.0GA.

@gregkalapos gregkalapos modified the milestones: 1.0, 1.1 Jul 24, 2019
@gregkalapos gregkalapos mentioned this issue Jul 25, 2019
Closed
@gregkalapos
Copy link
Contributor

Feedback and response, related to this: #379 (comment)

@gregkalapos gregkalapos self-assigned this Sep 4, 2019
@gregkalapos gregkalapos modified the milestones: 1.1, 7.5 Oct 1, 2019
@gregkalapos gregkalapos mentioned this issue Oct 15, 2019
Merged
@gregkalapos
Copy link
Contributor

Implemented in #549.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gregkalapos gregkalapos

Labels
cross APM agents good first issue Good for newcomers security Security related items technical debt
Projects
None yet
Milestone
7.5
Development

No branches or pull requests
2 participants
@gregkalapos @SergeyKleyman