--- title: Filtering sensitive data description: Filter sensitive data from JavaScript error reports to protect user privacy and comply with security requirements. url: https://docs.honeybadger.io/lib/javascript/errors/filtering-sensitive-data/ --- You have complete control over what data is sent to Honeybadger. You can [filter request data](https://docs.honeybadger.io/lib/javascript/errors/filtering-sensitive-data/#filtering-request-data) as well as [inspect and filter all other data](https://docs.honeybadger.io/lib/javascript/errors/filtering-sensitive-data/#filtering-other-data) before it’s sent to Honeybadger. ## Filtering request data Honeybadger automatically filters sensitive keys in params, cookies, and environment data. By default, we filter keys containing `password` or `creditcard`. When you add a property name to the [`filters`config array](https://docs.honeybadger.io/lib/javascript/reference/configuration/#configuration-options), the values will be removed from error reports before they are sent to our servers: ```json { "submit": "Sign Up", "password": "[FILTERED]" } ``` Here’s an example of configuring additional filters (`ssn` in this case): ```js Honeybadger.configure({ filters: ["password", "creditcard", "ssn"], }); ``` With the above config, all keys containing `ssn`, `password`, or `creditcard` will be filtered from request data. Filters are case insensitive; `creditcard` and `creditCard` will both match. Filters are not applied to data sent to Honeybadger via [the context feature](https://docs.honeybadger.io/lib/javascript/errors/customizing-error-reports/#adding-context). ## Filtering other data Honeybadger also allows you to inspect and filter all data that is sent to our servers at the time of an error using a `Honeybadger.beforeNotify` handler. For example, to filter the URL of the current page when it contains a sensative param name: ```javascript Honeybadger.beforeNotify(function (notice) { if (/creditCard/.test(notice.url)) { notice.url = "[FILTERED]"; } }); ``` To filter keys in the context object: ```javascript Honeybadger.beforeNotify(function (notice) { Object.keys(notice.context).forEach(function (key) { if (/creditCard/.test(key)) { notice.context[key] = "[FILTERED]"; } }); }); ``` The following notice properties are available in `notice` objects: * `notice.stack` - The stack trace (read only) * `notice.backtrace` - The parsed backtrace object * `notice.name` - The exception class name * `notice.message` - The error message * `notice.url` - The current url * `notice.projectRoot` - The root url * `notice.environment` - Name of the environment. example: “production” * `notice.component` - Similar to a rails controller name. example: “users” * `notice.action` - Similar to a rails action name. example: “create” * `notice.fingerprint` - A unique fingerprint, used to customize grouping of errors in Honeybadger * `notice.context` - The context object * `notice.tags` - A string comma-separated list of tags * `notice.params` - An object of request parameters * `notice.session` - An object of request session key/values * `notice.headers` - An object of request headers * `notice.cookies` - An object of cookie key/values. May also be sent as a string in the document.cookie “foo=bar;bar=baz” format. The following additional notice properties are available in `afterNotify` handlers: * `notice.id` - The UUID of the error in Honeybadger --- ## Try Honeybadger for FREE Intelligent logging, error tracking, and Just Enough APM™ in one dev-friendly platform. Find and fix problems before users notice. [Start free trial](https://app.honeybadger.io/users/sign_up) [See plans and pricing](https://www.honeybadger.io/plans/)