Filtering Sensitive Data
When Honeybadger includes request or environment data in error reports, you may want to exclude sensitive keys. We try to provide sane defaults, but you should always review the data you're reporting to make sure you aren't leaking sensitive information.
There are two types of potentially sensitive data in Honeybadger: Request Parameters and Environment Keys.
You can filter sensitive request parameters using the
configuration option. The value should be an
array of keys to filter. Honeybadger filters the following keys by default:
[ 'request' => [ 'filter' => [ 'password', 'password_confirmation' ], ], ]
Honeybadger maintains a whitelist of environment keys, so you don't usually have to worry about leaking sensitive configuration such as API keys or passwords to 3rd-party services.
If you do need to filter some of the default keys, Honeybadger has you covered
environment['filter'] configuration option. You can also add
additional keys to the whitelist with the
environment['include'] option, if
you're sure you always want to report them:
[ 'environment' => [ // Environment keys to filter before the payload sent to Honeybadger 'filter' => , // Additional environment keys to include 'include' => , ], ]