Prevent sensitive information like user passwords from being logged/captured #12555

akolson · 2024-08-13T15:21:44Z

Overview

We should not capture sensitive information like passwords during error reporting

Description and outcomes

Check request headers for any sensitive information and remove it before capturing the eror.

Acceptance Criteria

No sensitive information exists in captured erors

Assumptions and Dependencies

NA

Scope

Prevent capture and transmission of sensitive information in errors

Accessibility Requirements

NA

Resources

rtibbles · 2024-09-23T23:44:19Z

Fixed in #12660

akolson mentioned this issue Aug 13, 2024

Distributed error reporting #12214

Open

akolson added DEV: backend Python, databases, networking, filesystem... gsoc A GSoC project task labels Aug 13, 2024

akolson added this to the Distributed Error Reporting milestone Aug 13, 2024

thesujai mentioned this issue Sep 14, 2024

DER: Move request_time_to_error to context and remove sensitive info from the requests info #12660

Merged

9 tasks

rtibbles closed this as completed Sep 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Prevent sensitive information like user passwords from being logged/captured #12555

Prevent sensitive information like user passwords from being logged/captured #12555

akolson commented Aug 13, 2024 •

edited

Loading

rtibbles commented Sep 23, 2024

Prevent sensitive information like user passwords from being logged/captured #12555

Prevent sensitive information like user passwords from being logged/captured #12555

Comments

akolson commented Aug 13, 2024 • edited Loading

Overview

Description and outcomes

Acceptance Criteria

Assumptions and Dependencies

Scope

Accessibility Requirements

Resources

rtibbles commented Sep 23, 2024

akolson commented Aug 13, 2024 •

edited

Loading