sentry_core/
utils.rs

1//! Utilities reused across dependant crates and integrations.
2
3const SENSITIVE_HEADERS_UPPERCASE: &[&str] = &[
4    "AUTHORIZATION",
5    "PROXY_AUTHORIZATION",
6    "COOKIE",
7    "SET_COOKIE",
8    "X_FORWARDED_FOR",
9    "X_REAL_IP",
10    "X_API_KEY",
11];
12
13const PII_REPLACEMENT: &str = "[Filtered]";
14
15/// Determines if the HTTP header with the given name shall be considered as potentially carrying
16/// sensitive data.
17pub fn is_sensitive_header(name: &str) -> bool {
18    SENSITIVE_HEADERS_UPPERCASE.contains(&name.to_ascii_uppercase().replace("-", "_").as_str())
19}
20
21/// Scrub PII (username and password) from the given URL.
22pub fn scrub_pii_from_url(mut url: url::Url) -> url::Url {
23    // the set calls will fail and return an error if the URL is relative
24    // in those cases, just ignore the errors
25    if !url.username().is_empty() {
26        let _ = url.set_username(PII_REPLACEMENT);
27    }
28    if url.password().is_some() {
29        let _ = url.set_password(Some(PII_REPLACEMENT));
30    }
31    url
32}
sentry_core/utils.rs

sentry_core/
utils.rs
