
Avoid printing detailed http requests with credentials on the logs

Open jerobarraco opened this issue 1 week ago • 2 comments

Environment

How do you use Sentry? Sentry SaaS (sentry.io)

Which version of the SDK? 1

How did you install the package? Git-URL

Which version of Unreal? 5.6.1

Is this happening in Unreal (editor) or on a player like Android, iOS, Windows? editor and packaged

Steps to Reproduce

  1. run the game
  2. watch the logs
  3. observe credentials floating by

Expected Result

not see my credentials on the logs

Actual Result

credentials on the logs

Any logs or screenshots

i see stuff like this

    < HTTP/2 200
    < server: nginx
    < date: Fri, 21 Nov 2025 20:54:01 GMT
    < content-type: application/json
    < content-length: 2
    < vary: origin, access-control-request-method, access-control-request-headers
    < access-control-allow-origin: *
    < access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
    < cross-origin-resource-policy: cross-origin
    < strict-transport-security: max-age=31536000; includeSubDomains; preload
    < via: 1.1 google
    < alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    <
    {}
    * Connection #0 to host oxxxxxxxx.ingest.de.sentry.io left intact

this case has no credentials that i can see. but most of them have them in the headers.

please fix this or add an option. i do not need to see the http requests AT ALL. (so it could be a verbose log instead). i do tend to livestream my work, so i don't want my credentials there. also it's a security issue. please fix and give me a hint of how i can patch the plugin so that it doesn't happen. thanks.

jerobarraco, Nov 23 '25 22:11

UNREAL-106

linear[bot], Nov 23 '25 22:11

@jerobarraco You can disable these log messages with the Debug option in plugin settings.

If you still want to have that extra debug output (e.g. to see the underlying sentry-native lib initialization result) you can modify its pre-processing logic and filter out messages that contain sensitive info here:

https://github.com/getsentry/sentry-unreal/blob/345fb64624744ddf56f0610cda3454e8aa0df080/plugin-dev/Source/Sentry/Private/GenericPlatform/GenericPlatformSentrySubsystem.cpp#L50-L64

tustanivsky, Nov 24 '25 07:11
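The kind of filter suggested in the reply above, as an added example in standalone standard C++ (not the plugin's own code, and not using Unreal types): it redacts credential-bearing header lines from curl-style verbose output before they reach the log. The header list, the `sentry_key=` pattern and the function names are assumptions of this example.

```cpp
#include <algorithm>
#include <array>
#include <cctype>
#include <cstdio>
#include <string>

// Header names treated as credential-bearing. Assumed for this example;
// extend the list to match what your own logs show.
static const std::array<const char*, 5> kSensitiveHeaders = {
    "authorization", "proxy-authorization", "cookie", "set-cookie", "x-sentry-auth"};

static std::string ToLower(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return s;
}

// Masks the value of every "sentry_key=<value>" pair (assumed pattern), anywhere in the line.
static std::string MaskSentryKey(std::string line) {
    const std::string marker = "sentry_key=", mask = "[REDACTED]";
    size_t pos = 0;
    while ((pos = ToLower(line).find(marker, pos)) != std::string::npos) {
        const size_t start = pos + marker.size();
        size_t end = line.find_first_of(", &\r\n", start);
        if (end == std::string::npos) end = line.size();
        line.replace(start, end - start, mask);
        pos = start + mask.size();
    }
    return line;
}

// Redacts one line of curl-style verbose output ("> Name: value" or "< Name: value").
std::string RedactHttpDebugLine(const std::string& line) {
    // Skip the direction marker ('>' request, '<' response) and whitespace.
    const size_t nameStart = line.find_first_not_of("<> \t");
    const size_t colon = line.find(':');
    if (nameStart != std::string::npos && colon != std::string::npos && colon > nameStart) {
        const std::string name = ToLower(line.substr(nameStart, colon - nameStart));
        for (const char* header : kSensitiveHeaders)
            if (name == header) return line.substr(0, colon + 1) + " [REDACTED]";
    }
    // Not a listed header line: still mask any key embedded in a URL or prefixed message.
    return MaskSentryKey(line);
}

int main() {
    // Constructed sample line; the key value is made up.
    std::puts(RedactHttpDebugLine("> X-Sentry-Auth: Sentry sentry_key=abc123").c_str());
}
```

Calling such a function on each message inside the pre-processing logic linked above keeps the remaining debug output while dropping the secret values.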

Thanks so much. very helpful. Somehow i've missed that. Thanks so much for exposing this as config variables both in the systemsettings and the ini config file. One request though is for sentry to use their own config file instead of "Engine". this also makes it easy to accidentally show some things i'd rather keep secret (like the dsn or ingest url). and would make it much easier to manage the settings. E.g. choosing which files to submit to the repo, having automations, making it easier to support multiple projects. i've made a ticket for it. https://github.com/getsentry/sentry-unreal/issues/1158

in any case i'll test this a bit and close the ticket if i don't see any issue.

jerobarraco, Nov 25 '25 01:11

> in any case i'll test this a bit and close the ticket if i don't see any issue.

Thank you, please let us know if anything else comes up.

tustanivsky, Nov 25 '25 07:11

thanks. i haven't seen the logs yesterday. i'll mark this as closed. thanks!

jerobarraco, Nov 25 '25 21:11