sentry-cocoa icon indicating copy to clipboard operation
sentry-cocoa copied to clipboard
verified publisher icon getsentry

No request body for HTTP request is logged when enableCaptureFailedRequests=true

Open DataGreed opened this issue 1 year ago • 2 comments

Platform

iOS

Environment

Develop, Production, TestFlight

Installed

Swift Package Manager

Version

8.35.0

Xcode Version

15.4

Did it work on previous versions?

No response

Steps to Reproduce

  1. Set up SentrySDK with enableCaptureFailedRequests=true
  2. Trigger an HTTP error on POST request or any other request with a body

Expected Result

Error is logged is full captured with request headers and body

Actual Result

No request body is being logged making the debugging impossible

Are you willing to submit a PR?

No response

DataGreed avatar Sep 13 '24 19:09 DataGreed

Thanks @DataGreed for reaching out.

We will discuss what we can do about it, usually body requests contains PII and we need to make sure we're not sending any user information in the event.

brustolin avatar Sep 16 '24 08:09 brustolin

As pointed out above, this is currently by design. We're gonna follow up internally if we want to allow this as opt-in guarded by some kind of flag to ensure users know that this opens up potentials PII/sensitive data issues.

In the mean time, you can get some inspiration from the following implementation on how to implement this yourself: https://github.com/getsentry/sentry-cocoa/blob/6ccaa36d280b21b1e304f3072707d31b9409346f/Sources/Sentry/SentryNetworkTracker.m#L407-L469

kahest avatar Sep 18 '24 12:09 kahest