Redact Sensitive Data
Redact Sensitive Data (with Custom HTML Attribute and Regex Patterns)
BetterBugs enables you to prevent sensitive information from being captured or shared while creating bug reports with screenshots, screen recordings, or Rewind sessions.
You can configure BetterBugs to do this in multiple ways. You have the following options:
Custom HTML Attribute for Blurring Information — Adding data-betterbugs="ignore" to HTML elements on your web page blurs out those elements before screenshots are taken, screens are recorded, or Rewind is used.
Redact Data with Regex Patterns — Adding default or custom regex patterns first globally identifies the defined key/value pairs in the technical information captured while creating bug reports. Then, the corresponding values are redacted and replaced with “[*** REDACTED BY BETTERBUGS FOR PRIVACY ***]” in your bug reports.
Before creating a report, you need to add the data-betterbugs="ignore" HTML attribute to the elements of your application's web page(s) that you want to exclude from capture.
You can use this to blur out DOM elements. Meaning? Adding the attribute to DOM elements prevents them from being recorded.
data-betterbugs="ignore" HTML attribute in your source code
To use the feature, just add the attribute in your HTML source code for selecting the desired element(s) to be ignored during screenshots, screen recordings, or Rewind sessions.
Here’s what it looks like:
You're good to go.
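A pre-release check for the step above, as an added example that is not BetterBugs code: it scans page markup for sensitive inputs that lack data-betterbugs="ignore" and flags the attribute when it was pasted with curly quotes, which HTML reads as part of the value. Which fields count as sensitive, and checking only the element's own tag, are assumptions made here.

```javascript
// Added example, not part of BetterBugs. Which inputs count as sensitive is an
// assumption made here: password fields and card/credential autocomplete hints.
const SENSITIVE = [
  /\btype\s*=\s*["']?password\b/i,
  /\bautocomplete\s*=\s*["']?(?:cc-[a-z-]+|current-password|new-password|one-time-code)\b/i,
];
// Accepts "ignore", 'ignore' or unquoted ignore as the attribute value.
const IGNORED = /\bdata-betterbugs\s*=\s*(?:"ignore"|'ignore'|ignore(?=[\s\/>]))/;
// Curly quotes (U+201C/U+201D) become part of the value, so it is no longer "ignore".
const CURLY = /\bdata-betterbugs\s*=\s*[\u201C\u201D]/;

function findUnmaskedFields(html) {
  const findings = [];
  const tagRe = /<(?:input|textarea)\b[^>]*>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const tag = m[0];
    if (!SENSITIVE.some((re) => re.test(tag)) || IGNORED.test(tag)) continue;
    findings.push({
      line: html.slice(0, m.index).split("\n").length, // 1-based source line
      reason: CURLY.test(tag) ? "attribute uses curly quotes" : "attribute missing",
      tag,
    });
  }
  return findings;
}

// Constructed sample markup; the last field was pasted with curly quotes.
const SAMPLE_HTML = `<form>
  <input type="email" name="user">
  <input type="password" name="pw" data-betterbugs="ignore">
  <input type="password" name="pw2">
  <input name="card" autocomplete="cc-number" data-betterbugs=\u201Dignore\u201D>
</form>`;

console.log(findUnmaskedFields(SAMPLE_HTML));
```

Running it over built templates in CI catches fields that would otherwise appear unblurred in a screenshot or recording.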
You can easily add regular expressions (REGEX) to BetterBugs for it to redact/remove sensitive data or prevent information from getting captured.
Once you add a specific regex (from the extension’s “⚙️Settings” option), BetterBugs applies it whenever you create a report: it stringifies the session object that holds the technical details captured during the screenshot, screen recording, or Rewind session, and processes it with the saved regex patterns before the report uploads.
This prevents the pre-defined sensitive information, such as authentication headers, access tokens, emails, passwords, card numbers, CVV, and API keys, from being accidentally shared along with the bug reports.
For instance, if a network request captured in your bug report contains a sensitive user email ID, BetterBugs uses the pre-applied regex pattern to redact it automatically before the report is shared. Meaning?
Instead of the actual email ID as the value of the key/value pair in the request/response/payload object, BetterBugs puts “[*** REDACTED BY BETTERBUGS FOR PRIVACY ***]” as the value in the result object.
EXAMPLE
Original JSON Object before capturing:
Redacted JSON result with the pre-applied REGEX after capturing:
Here’s how it’s commonly used:
Data Privacy Management — You can define multiple regex patterns in the settings to redact sensitive data before uploading. BetterBugs comes with predefined regex patterns for common sensitive data types like authentication headers, access tokens, emails, passwords, card numbers, CVV, and API keys. You can view unredacted data before uploading and verify redaction after uploading sensitive data.
Customizable Redaction — You can modify the regex patterns to fit your application's specific requirements. Redaction is applied only to sensitive data, and other intentionally added data remains unaltered.
By default, BetterBugs comes bundled with several pre-added regex patterns that you might commonly use. This helps you get started with using the redaction feature right off the bat.
To access the pre-added regex patterns:
Here, you’ll find all the pre-defined regex patterns that come as a default when you download BetterBugs.
Adding custom regex patterns is super easy. Here’s how to do it:
You're good to go.
Regex
This regex looks for the keywords password, passwd, or pwd, optionally enclosed in quotes (", ', or `), followed by an assignment operator (= or :), and captures the text representing the password inside quotes.
Regex
This regex matches API keys or similar tokens assigned to terms like api_key, access_token, or client_secret. The key must be alphanumeric, optionally include _, -, or ., and be 16–64 characters long.
Regex
Matches valid credit card numbers from providers like Visa, Mastercard, Amex, Discover, etc., while excluding invalid numbers (e.g., 0000000000000000). It recognizes formats with spaces or dashes.
Regex
Identifies 3–4 digit CVV codes assigned to terms like cvv, cvc, or cid, ensuring the code isn’t 000 or 999.
Regex
Matches standard email addresses, allowing for +, %, or dots in local parts of the address.
Regex
Captures Bearer tokens from Authorization headers. These tokens must follow the JSON Web Token (JWT) structure with three dot-separated Base64-encoded segments.
Regex
Matches JSON Web Tokens (JWT), which have three segments separated by dots. Each segment is Base64-encoded.
Regex
Extracts client_id values that are 32+ alphanumeric characters long, assigned to terms like client_id or clientId.
Regex
Matches valid IPv6 addresses, which are represented in hexadecimal and separated by colons.
Regex
Matches valid IPv4 addresses, ensuring they are not browser version strings (e.g., Chrome/98.0.0.0).
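The stringify-then-redact flow described earlier, combined with four of the pattern types described above (password, API key, Bearer JWT, email), as an added example that is not BetterBugs source code. The regexes are written from the prose descriptions on this page and are assumptions, not the shipped defaults; the session object is constructed.

```javascript
// Added example, not BetterBugs source code. The patterns are written from the
// prose descriptions on this page; they are assumptions, not the shipped defaults.
const PLACEHOLDER = "[*** REDACTED BY BETTERBUGS FOR PRIVACY ***]";

// Key/value rules keep group 1 (key, operator, opening quote) and replace the value.
// \\? before each quote also covers quotes escaped inside stringified request bodies.
const RULES = [
  { name: "password",
    re: /((?:password|passwd|pwd)\\?["'`]?\s*[:=]\s*\\?["'`])[^"'`\\]+/gi },
  { name: "api_key",
    re: /((?:api_key|access_token|client_secret)\\?["'`]?\s*[:=]\s*\\?["'`]?)[A-Za-z0-9_.-]{16,64}/gi },
  { name: "bearer_jwt",
    re: /(Bearer\s+)[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g },
  { name: "email", // no key to keep: the whole address is replaced
    re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
];

// Stringify the captured session, run every rule over the text, parse it back.
function redactReport(session, rules = RULES) {
  let text = JSON.stringify(session);
  const hits = {};
  for (const { name, re } of rules) {
    text = text.replace(re, (match, prefix) => {
      hits[name] = (hits[name] || 0) + 1;
      // Rules without a capture group pass the match offset (a number) here.
      return (typeof prefix === "string" ? prefix : "") + PLACEHOLDER;
    });
  }
  return { redacted: JSON.parse(text), hits };
}

// Constructed sample of a captured network exchange (all values are made up).
const SAMPLE_SESSION = {
  request: {
    url: "https://app.example.test/api/login",
    headers: { Authorization: "Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIn0.c2lnbmF0dXJl" },
    body: '{"email":"jane.doe+qa@example.test","password":"hunter2!"}',
  },
  response: { status: 200, body: { access_token: "abcDEF0123456789_xyz", theme: "dark" } },
};

console.log(JSON.stringify(redactReport(SAMPLE_SESSION), null, 2));
```

The per-rule hit counts make it easy to confirm, before upload, that a custom pattern actually matched the field it was written for.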