Protect sensitive data
As with any third-party service, it’s important for you to understand and have the ability to manage what data is sent to Shake servers. Shake SDK allows you to filter out sensitive data on the device itself, so it never reaches the Shake servers.
Automatically redacted sensitive data
Shake automatically redacts these sensitive data from your touch events and network requests:
- email addresses
- IP addresses
- credit card numbers
- bearer tokens
Shake also redacts network header values if the header key is:
- password
- secret
- passwd
- api_key
- apikey
- access_token
- auth_token
- credentials
- mysql_pwd
- stripetoken
- Authorization
- Proxy-Authorization
- card[number]
- token
To disable this privacy feature, use the method below:
- Javascript
- Typescript
Shake.config.sensitiveDataRedaction = false;
Shake.config.sensitiveDataRedaction = false;
Network requests
Network requests may contain sensitive data which you may not want to send to Shake servers.
Use the Shake.config.networkRequestsFilter property to obfuscate sensitive parts of those requests,
or to entirely prevent certain network requests from being logged.
As an example, if you'd like to obfuscate the Authorization header in all network requests sent from your app, do this:
- Javascript
- Typescript
import Shake from '@shakebugs/browser';Shake.config.networkRequestsFilter = (networkRequest) => {const headers = networkRequest.request_headers;if (Object.keys(headers).includes('Authorization')) {headers['Authorization'] = '***';}return networkRequest;};
import Shake, {NetworkRequest} from '@shakebugs/browser';Shake.config.networkRequestsFilter = (networkRequest: NetworkRequest) => {const headers: { [key: string]: string } = networkRequest.request_headers;if (Object.keys(headers).includes('Authorization')) {headers['Authorization'] = '***';}return networkRequest;};
If you don't want to log specific network requests, return null from the NetworkRequestsFilter as shown below:
- Javascript
- Typescript
import Shake from '@shakebugs/browser';Shake.config.networkRequestsFilter = (networkRequest) => {if (networkRequest.url.startsWith('https://api.myapp.com/cards')) {return null;}return networkRequest;};
import Shake, {NetworkRequest} from '@shakebugs/browser';Shake.config.networkRequestsFilter = (networkRequest: NetworkRequest) => {if (networkRequest.url.startsWith('https://api.myapp.com/cards')) {return null;}return networkRequest;};
To clear the network requests filter, use Shake.config.networkRequestsFilter = null;.