Hello,
So I had a few issues that got logged and I could view hashed user passwords in the SQL query as it was under the insert of a password change. How could I make sure this doesn’t happen?
Hey, No I use the cloud variant with PHP
Ok, for PHP our SDK has the concept of processors where you can hook in custom regexes to strip that sensitive data from your events.
We’re also in the middle of writing a new SDK that should provide a more flexible hook for this.
Hm, okey. I use the PHP module for Laravel, not sure if there is a way for that there?
I believe your config/sentry.php would look like this:
<?php
return array(
'dsn' => '...',
'processorOptions' => array(
'Raven_Processor_SanitizeDataProcessor' => array(
'fields_re' => '/(user_password|user_token|user_secret)/i',
'values_re' => '/^(?:\d[ -]*?){15,16}$/'
)
)
);
Analogous to this you can also set send_callback (also documented in https://docs.sentry.io/clients/php/config/)