# Security (via Regex) ### Redact data with regex patterns The "**Redact Data with Regex**" function lets you add custom regex patterns to devtools data captured in bug reports, allowing you to hide or redact sensitive information from bug reports before it gets uploaded. Read All About Redact with Regex ### Steps to Add Custom Regex Patterns Adding custom regex patterns is super easy. Here’s how to do it: {% stepper %} {% step %} #### Go to Workspace Settings > Security (Regex) Click on BetterBugs Workspace name at the top left side. Now, click the **gear icon** to open **Workspace Settings > Security (Regex)** {% endstep %} {% step %} #### Click "Add New Pattern" Click "Add New Pattern" button to start adding your perferred Regex patterns. {% endstep %} {% step %} #### Enter Regex name and Regex Pattern Enter the desired “**Regex Name**” and its “**Regex Pattern**”. {% endstep %} {% step %} #### Save Hit "**Add Pattern**" button to save it. {% endstep %} {% endstepper %} You're good to go. ### Default Regex Patterns that Come with BetterBugs.io By default, BetterBugs.io comes bundled with 10 pre-added regex patterns that you might commonly use. This helps you get started with using the redaction feature right off the bat. ### Saved Patterns List of data points redacted by default (pre-added by BetterBugs.io): #### **Password** **Regex** ```regex /(?<=["`']?(?:password|passwd|pwd)["`']?\s*[:=]\s*["`'])([^"`']+)(?=["`'])/gi ``` This regex looks for the keywords password, passwd, or pwd, optionally enclosed in quotes (", ', or \`), followed by an assignment operator (= or :), and captures the text representing the password inside quotes. #### **API Key** Regex ```regex /(?:api[_-]?key|access[_-]?token|client[_-]?secret)[:=]\s*(['"]?)([a-zA-Z0-9_\-\.]{16,64})\1/gi ``` This regex matches API keys or similar tokens assigned to terms like api\_key, access\_token, or client\_secret. The key must be alphanumeric, optionally include \_, -, or ., and be 16–64 characters long. #### **Credit Card** Regex ```regex /\b(?!0{16})(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|6(?:011|5[0-9]{2})[0-9]{12}|(?:2131|1800|35\d{3})\d{11})(?:[\s-]?\d{4})?/g ``` Matches valid credit card numbers from providers like Visa, Mastercard, Amex, Discover, etc., while excluding invalid numbers (e.g., 0000000000000000). It recognizes formats with spaces or dashes. #### **CVV** Regex ```regex /(?<=(?:["']?(?:cvv2?|cvc2?|cid)["']?\s*[:=]\s*["']?))(?!000|999)\d{3,4}(?=["']?)/gi ``` Identifies 3–4 digit CVV codes assigned to terms like cvv, cvc, or cid, ensuring the code isn’t 000 or 999. #### **Email** Regex ```regex /[a-zA-Z0-9._%+-]+(?:%40|@)[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z]{2,})+/gi ``` Matches standard email addresses, allowing for +, %, or dots in local parts of the address. #### **Authorization Header** Regex ```regex /(?:Authorization["'\s:]+|Bearer\s+)(eyJ[A-Za-z0-9\-_\.]+\.eyJ[A-Za-z0-9\-_\.]+\.[A-Za-z0-9\-_\.]+)/gi ``` Captures Bearer tokens from Authorization headers. These tokens must follow the JSON Web Token (JWT) structure with three dot-separated Base64-encoded segments. #### **JWT Token** Regex ```regex /(eyJ[A-Za-z0-9\-_\.]+\.eyJ[A-Za-z0-9\-_\.]+\.[A-Za-z0-9\-_\.]+)/g ``` Matches JSON Web Tokens (JWT), which have three segments separated by dots. Each segment is Base64-encoded. #### **Client ID** Regex ```regex /(?<=(?:["']?(?:client_?id|clientId|client-id)["']?\s*[:=]\s*["']))([A-Za-z0-9_-]{32,})(?=["'])/gi ``` Extracts client\_id values that are 32+ alphanumeric characters long, assigned to terms like client\_id or clientId. #### **IPv6** Regex ```regex /\b(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}\b/g ``` Matches valid IPv6 addresses, which are represented in hexadecimal and separated by colons. #### **IPv4** Regex ```regex /(?