feat: Introduce 'sanitizeKeys' config option (#1264)

* feat: Introduce 'sanitizeKeys' config option
* ref: Handle cyclic references and support RegExp in
* docs: Make  docs a tad better

Author: kamilogorek

docs/config.rst

@@ -149,6 +149,21 @@ Those configuration options are documented below:
             sampleRate: 0.5 // send 50% of events, drop the other half
         }
 
+.. describe:: sanitizeKeys
+
+    An array of strings or regex patterns representing keys that should be scrubbed from the payload sent to Sentry.
+    We'll go through every field in the payload and mask the values with simple `********` string instead.
+    This will match *only* keys of the object, not the values.
+    Sentry also sanitize all events sent to it on the server-side, but this allows you to strip the payload before it gets to the server.
+
+
+    .. code-block:: javascript
+
+        {
+            sanitizeKeys: [/_token$/, /password/i, 'someHidiousKey']
+        }
+
+
 .. describe:: dataCallback
 
     A function that allows mutation of the data payload right before being

src/raven.js

@@ -32,6 +32,7 @@ var supportsFetch = utils.supportsFetch;
 var supportsReferrerPolicy = utils.supportsReferrerPolicy;
 var serializeKeysForMessage = utils.serializeKeysForMessage;
 var serializeException = utils.serializeException;
+var sanitize = utils.sanitize;
 
 var wrapConsoleMethod = require('./console').wrapMethod;
 
@@ -85,13 +86,13 @@ function Raven() {
     collectWindowErrors: true,
     captureUnhandledRejections: true,
     maxMessageLength: 0,
-
     // By default, truncates URL values to 250 chars
     maxUrlLength: 250,
     stackTraceLimit: 50,
     autoBreadcrumbs: true,
     instrument: true,
-    sampleRate: 1
+    sampleRate: 1,
+    sanitizeKeys: []
   };
   this._fetchDefaults = {
     method: 'POST',
@@ -1865,6 +1866,8 @@ Raven.prototype = {
     // Include server_name if it's defined in globalOptions
     if (globalOptions.serverName) data.server_name = globalOptions.serverName;
 
+    data = this._sanitizeData(data);
+
     // Cleanup empty properties before sending them to the server
     Object.keys(data).forEach(function(key) {
       if (data[key] == null || data[key] === '' || isEmptyObject(data[key])) {
@@ -1905,6 +1908,10 @@ Raven.prototype = {
     }
   },
 
+  _sanitizeData: function(data) {
+    return sanitize(data, this._globalOptions.sanitizeKeys);
+  },
+
   _getUuid: function() {
     return uuid4();
   },

src/utils.js

@@ -536,6 +536,44 @@ function serializeKeysForMessage(keys, maxLength) {
   return '';
 }
 
+function sanitize(input, sanitizeKeys) {
+  if (!isArray(sanitizeKeys) || (isArray(sanitizeKeys) && sanitizeKeys.length === 0))
+    return input;
+
+  var sanitizeRegExp = joinRegExp(sanitizeKeys);
+  var sanitizeMask = '********';
+  var safeInput;
+
+  try {
+    safeInput = JSON.parse(stringify(input));
+  } catch (o_O) {
+    return input;
+  }
+
+  function sanitizeWorker(workerInput) {
+    if (isArray(workerInput)) {
+      return workerInput.map(function(val) {
+        return sanitizeWorker(val);
+      });
+    }
+
+    if (isPlainObject(workerInput)) {
+      return Object.keys(workerInput).reduce(function(acc, k) {
+        if (sanitizeRegExp.test(k)) {
+          acc[k] = sanitizeMask;
+        } else {
+          acc[k] = sanitizeWorker(workerInput[k]);
+        }
+        return acc;
+      }, {});
+    }
+
+    return workerInput;
+  }
+
+  return sanitizeWorker(safeInput);
+}
+
 module.exports = {
   isObject: isObject,
   isError: isError,
@@ -567,5 +605,6 @@ module.exports = {
   fill: fill,
   safeJoin: safeJoin,
   serializeException: serializeException,
-  serializeKeysForMessage: serializeKeysForMessage
+  serializeKeysForMessage: serializeKeysForMessage,
+  sanitize: sanitize
 };

test/raven.test.js

@@ -576,6 +576,33 @@ describe('globals', function() {
       assert.isTrue(Raven._send.calledOnce);
     });
 
+    it('should respect `sanitizeKeys`', function() {
+      this.sinon.stub(Raven, '_sendProcessedPayload');
+      Raven._globalOptions.sanitizeKeys = ['password', 'token'];
+      Raven.captureMessage('hello', {
+        extra: {
+          password: 'foo',
+          token: 'abc',
+          user: 'rick'
+        },
+        user: {
+          password: 'foo'
+        }
+      });
+
+      // It's not the main thing we test here and it's a variable with every run
+      delete Raven._sendProcessedPayload.lastCall.args[0].extra['session:duration'];
+
+      assert.deepEqual(Raven._sendProcessedPayload.lastCall.args[0].extra, {
+        password: '********',
+        token: '********',
+        user: 'rick'
+      });
+      assert.deepEqual(Raven._sendProcessedPayload.lastCall.args[0].user, {
+        password: '********'
+      });
+    });
+
     it('should send a proper payload with frames', function() {
       this.sinon.stub(Raven, '_send');
 

test/utils.test.js

@@ -26,6 +26,7 @@ var parseUrl = utils.parseUrl;
 var safeJoin = utils.safeJoin;
 var serializeException = utils.serializeException;
 var serializeKeysForMessage = utils.serializeKeysForMessage;
+var sanitize = utils.sanitize;
 
 describe('utils', function() {
   describe('isUndefined', function() {
@@ -696,4 +697,105 @@ describe('utils', function() {
       assert.equal(serializeKeysForMessage('foo'), 'foo');
     });
   });
+
+  describe('sanitize', function() {
+    var sanitizeMask = '********';
+
+    it('should return simple values directly', function() {
+      var actual = sanitize('foo');
+      var expected = 'foo';
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should return same value when no sanitizeKeys passed', function() {
+      var actual = sanitize({foo: 42});
+      var expected = {foo: 42};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should return same value when empty sanitizeKeys array passed', function() {
+      var actual = sanitize({foo: 42}, []);
+      var expected = {foo: 42};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should sanitize flat objects', function() {
+      var actual = sanitize({foo: 42}, ['foo']);
+      var expected = {foo: sanitizeMask};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should sanitize flat objects with multiple keys', function() {
+      var actual = sanitize({foo: 42, bar: 'abc', baz: 1337}, ['foo', 'baz']);
+      var expected = {foo: sanitizeMask, bar: 'abc', baz: sanitizeMask};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should sanitize flat objects when value is a plain object or array', function() {
+      var actual = sanitize({foo: {bar: 42}}, ['foo']);
+      var expected = {foo: sanitizeMask};
+      assert.deepEqual(actual, expected);
+
+      actual = sanitize({foo: [42, 'abc']}, ['foo']);
+      expected = {foo: sanitizeMask};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should sanitize nested objects keys', function() {
+      var actual = sanitize({foo: {bar: 42}}, ['bar']);
+      var expected = {foo: {bar: sanitizeMask}};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should sanitize objects nested in arrays', function() {
+      var actual = sanitize({foo: [{bar: 42}, 42]}, ['bar']);
+      var expected = {foo: [{bar: sanitizeMask}, 42]};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should sanitize every object when array provided as input', function() {
+      var actual = sanitize([{foo: 42}, {bar: 42}, 42], ['foo', 'bar']);
+      var expected = [{foo: sanitizeMask}, {bar: sanitizeMask}, 42];
+      assert.deepEqual(actual, expected);
+    });
+
+    it('shouldnt break with cyclic references', function() {
+      var input = {
+        foo: {},
+        baz: 42
+      };
+      input.foo.bar = input.foo;
+
+      var actual = sanitize(input, ['baz']);
+      var expected = {foo: {bar: '[Circular ~.foo]'}, baz: sanitizeMask};
+      assert.deepEqual(actual, expected);
+    });
+
+    it('should work with keys as RegExps', function() {
+      var actual = sanitize(
+        {
+          foo: {
+            bar: 42,
+            baz: 1337,
+            qux: 'rick',
+            forgotFifthWord: 'whoops',
+            thisShouldMatch123_32: 'hello',
+            butThisNot123_42_X: 'morty'
+          }
+        },
+        [/^ba/i, 'forgotFifthWord', /\d{3}_\d{2}$/i]
+      );
+      var expected = {
+        foo: {
+          bar: sanitizeMask,
+          baz: sanitizeMask,
+          qux: 'rick',
+          forgotFifthWord: sanitizeMask,
+          thisShouldMatch123_32: sanitizeMask,
+          butThisNot123_42_X: 'morty'
+        }
+      };
+      assert.deepEqual(actual, expected);
+    });
+  });
 });