Filtering Sensitive Data

You have complete control over what data is sent to Honeybadger. You can filter request data as well as inspect and filter all other data before it’s sent to Honeybadger.

Filtering request data

Honeybadger automatically filters sensitive keys in params, cookies, and environment data. By default, we filter keys containing password or creditcard. When you add a property name to the filters config array, the values will be removed from error reports before they are sent to our servers:

{ "submit": "Sign Up", "password": "[FILTERED]" }

Here’s an example of configuring additional filters (ssn in this case):

Honeybadger.configure({ filters: ['password', 'creditcard', 'ssn'] });

With the above config, all keys containing ssn, password, or creditcard will be filtered from request data. Filters are case insensitive; creditcard and creditCard will both match. Filters are not applied to data sent to Honeybadger via the context feature.

Filtering other data

Honeybadger also allows you to inspect and filter all data that is sent to our servers at the time of an error using a Honeybadger.beforeNotify handler.

For example, to filter the URL of the current page when it contains a sensative param name:

Honeybadger.beforeNotify(function(notice) { if (/creditCard/.test(notice.url)) { notice.url = '[FILTERED]'; } });

To filter keys in the context object:

Honeybadger.beforeNotify(function(notice) { Object.keys(notice.context).forEach(function(key) { if (/creditCard/.test(key)) { notice.context[key] = '[FILTERED]'; } }); });

<%= partial(“lib/javascript/notice_properties”) %>