Support explicitly specifying which HTTP query params to include in trace #3263
Replies: 1 comment
-
Hi there, We decided to enable query string collection by default with the understanding that query parameters are generally not secure i.e. data exposed in query parameters should not be sensitive because query params are visible in the URL to your users and often appear in server logs. We recently aligned all dd-trace libraries to the "on by default" behavior for, so to modify it in any way would be a big push. That said, I want to understand your use-case better so that our product can best support you. I'm wondering if there is a specific query parameter or type of data you are expecting to be obfuscated by default? If so, perhaps other users have the same experience, and we can consider adding this to our obfuscation regex. Thanks! |
Beta Was this translation helpful? Give feedback.
-
Package Name
No response
Package Version(s)
No response
Describe the feature you'd like
Currently, all HTTP query parameter and values are included in traces by default and the only way to mask them is by
DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP
.I would like the opposite since it's more secure. Be able to mask all query parameter values by default, and then be able to specify which query parameter values can be included in the trace without being masked.
I see
v2
of the tracer is being worked on. I think this would be a great addition that could allow it to become more safe for users to useIs your feature request related to a problem?
No response
Describe alternatives you've considered
No response
Additional context
No response
Beta Was this translation helpful? Give feedback.
All reactions