Filtering Sensitive Data

You have complete control over the data that Honeybadger reports when an error occurs. Before data is sent to Honeybadger, it is passed through a filter to remove sensitive fields and do other processing on the data. The default configuration is equivalent to:

python

  

from honeybadger import honeybadger
honeybadger.configure(
    params_filters=[
        "password",
        "password_confirmation",
        "credit_card",
        "CSRF_COOKIE",
    ]
)

How it works

The params_filters configuration applies to:

Request parameters (GET/POST data)
Session data
Cookies
CGI environment variables
Local variables (when report_local_variables is enabled)

Any field matching a filter key will have its value replaced with "[FILTERED]". Filtering works recursively on nested dictionaries. For example:

python

  

# Before filtering
data = {
    "username": "alice",
    "password": "secret123",
    "user_data": {
        "credit_card": "1234-5678-9012-3456"
    }
}

# After filtering
data = {
    "username": "alice",
    "password": "[FILTERED]",
    "user_data": {
        "credit_card": "[FILTERED]"
    }
}