From 9330dea1474629d84c44034f4dcebef3a5b897e2 Mon Sep 17 00:00:00 2001
From: Morgan Pichat <morgan.pichat@prestashop.com>
Date: Tue, 2 Jul 2024 18:32:37 +0200
Subject: [PATCH] Mask admin folder in URL tag

---
 js/sentry.js | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/js/sentry.js b/js/sentry.js
index 7c65e5da8..3b9734946 100644
--- a/js/sentry.js
+++ b/js/sentry.js
@@ -25,6 +25,10 @@
 
 Sentry.init({
     dsn: "https://eae192966a8d79509154c65c317a7e5d@o298402.ingest.us.sentry.io/4507254110552064",
+    beforeSend(event) {
+        event.request.url = maskSensitiveInfoInUrl(event.request.url, input.adminUrl);
+        return event;
+    },
 });
 
 document.getElementById("submitErrorReport").addEventListener("click", function () {
@@ -38,6 +42,10 @@ document.getElementById("submitErrorReport").addEventListener("click", function
             }
         });
 
+        const url = maskSensitiveInfoInUrl(window.location.href, input.adminUrl);
+
+        Sentry.setTag("url", url);
+
         const eventId = Sentry.captureMessage(messages, "error");
         const userEmail = document.getElementById("userEmail");
         const errorDescription = document.getElementById("errorDescription");
@@ -54,3 +62,11 @@ document.getElementById("submitErrorReport").addEventListener("click", function
         $('#errorModal').modal('hide')
     }
 });
+
+function maskSensitiveInfoInUrl(url, adminFolder) {
+    let regex = new RegExp(adminFolder, "g");
+    url = url.replace(regex, '/********');
+
+    regex = new RegExp( "token=[^&]*", "i");
+    return url.replace(regex, 'token=********');
+}