Is it possible to redact the crash stacktrace before sending?See original GitHub issue
We have found that some
SocketTimeoutExceptions may contain source IP addresses in their messages. Due to the company policy, we need to ensure that no Personal Identifiable Information (PII) is being collected by any of our services or that we block any access to it from our end.
We’ve taken care of redacting error logs and exception stacktraces that would end up in an ACRA report when logging silent exceptions, but I’m wondering if it’s possible to redact the stacktrace of a crash log at all? I’m aware that:
- it’s unlikely we’d let the app crash with a
- unlikely that many other exceptions print out IP addresses in their messages
- the same crash log would end up in Play console, unredacted
But we’d like to take some proactive steps to prove we’re doing anything we can to avoid collecting PII where possible.
Would redacting the crash stacktrace be a case of implementing a
Collector extension containing code similar to the
StacktraceCollector but just making sure the stacktrace is redacted?
- Created 2 years ago
- Comments:6 (3 by maintainers)
Top GitHub Comments
No need to fork, see https://github.com/ACRA/acra/wiki/Custom-Extensions
Right, that was indeed the problem, I’m getting the
REDACTED_STACK_TRACEfield as expected now, thanks!
I’ll try with post processing though, to redact the actual stack trace as you suggested 🙌🏻