You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* fix(plug): broaden default %Plug.Conn{} scrubbing
Expand the default @scrubbable_conn_fields so scrub/1 also clears req_cookies
and assigns, scrubs body_params and query_params with the default sensitive
keys, and reduces private to an allow-list of framework metadata — in addition
to today's cookies/req_headers/params.
assigns is cleared wholesale because auth libraries (Guardian, Pow, Coherence)
routinely store decoded tokens, full user structs, and password hashes there,
where no key-based heuristic redacts safely. private mixes sensitive data (the
decoded session under :plug_session, Guardian's raw JWT) with high-signal
framework routing metadata, so it uses the :private_allow_list strategy: Phoenix
routing/render keys are retained (configurable via :scrub_conn_private_allow_list)
and everything else is dropped. This keeps the most useful triage breadcrumb —
which controller/action failed — without leaking secrets.
Expressed entirely through the strategy-aware attribute and the allow-list
mechanism from earlier commits — no changes to scrub/1 dispatch or to the
consumers (Sentry.PlugContext and Sentry.PlugCapture both funnel through
Sentry.Scrubber.scrub/1). The PlugContext request-interface payload is unchanged
(it reads back only params/cookies/req_headers); the broadening manifests on the
PlugCapture ActionClauseError conn path.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* test(plug): cover default params, private allow-list, assigns, and req_cookies scrubbing
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* refa(scrubber): handle `body_params` the same as `params`
* test(plug): assert cookie value is scrubbed from stacktrace frame vars
Broadened conn scrubbing now clears req_cookies, so the session cookie value
no longer appears in the inspected conn captured into frame vars. Restore the
cookie-value assertion alongside the auth-header one.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
0 commit comments