Sentry: Remove querystring from URL - sentry

Does anyone know how to remove query string field (like token) from URL of error reported in Sentry?
Currenty, it is reported like:
https://sub.domain.com/test/?token=wead87j4odja&auth=test&id=5
And I would like it to be shown without token:
https://sub.domain.com/test/?auth=test&id=5

Have you looked into the organization Data Scrubbers?
https://docs.getsentry.com/hosted/learn/sensitive-data/

Related

How to run a query with Apollo GraphQL?

I am trying to figure out how to write a query in Apollo GraphQL.
I have a schema and have run the application in development mode. I have authenticated through the front end.
I expect that I should be able to follow this documentation and query the user.
I can see from the studio, that the Me query should be capable of checking for my first name (which I can see is recorded in the database), but when I press run in Apollo Studio, I get a null response to the query.
Is there an assumed step to get this working that needs to be taken before queries can be run? It gets worse when I try to do a query on the users table generally. That returns a not authenticated error (I have authenticated in the local environment in the dev app).
I'm struggling to connect the dots between the documentation that shows how this is expected to run queries and the starting point. I suspect that these documents have been prepared with the expectation that users know something fundamental about how to engage with them. I'm looking for disclosure as to what those assumptions might be. I can see from this question that there is a need for an authorisation header, (although my error is to do with authentication rather than authorisation). However, in my studio, the headers tab is empty. How do I populate it and what do I use to populate it?
I can see from the Apollo dev tool that it is trying to use a logged in query. I don't understand what drives this query in the Apollo Studio. Inside the localhost web app (which is running), I am logged in. When I try and run that query in the dev tools, the isLoggedIn (name of the query) is underlined, with an error explanation appearing that says:
Cannot query field "isLoggedIn" on type "Query".
The response shows:
{
"data": {}
}
I am lost for a starting point to find something to try and solve.
I think, based on a comment in this Odyssey tutorial, that the sandbox does not know how to connect to my psql data (not sure about this, but how could it know what queries I have, and not know which data has been stored in the attributes on the schema?). My env variables include my psql attributes and my prisma migrate is up to date. How can I let the sandbox know where the data is stored?
I am trying to learn using this boilerplate repo.
For my next attempt, I tried using the login mutation to generate a token, that I could try adding to the header. I don't know if it needs to be added under the name 'authorization' or 'token', so I made headers with both attribute names and added the same token to each of them.
I tried running the me and user query again, and get a mouthful of gibberish in the response.
The link in the response text goes to a page that has the following error message:
> <Error> <Code>NoSuchKey</Code> <Message>The specified key does not
> exist.</Message> </Error>
When I try going through the process of adding an APOLLO_KEY to my env variables and starting the server, I get an error that says "Unable to reach server". When I run the diagnose script on that error, I get:
Could not find any problems with the endpoint. Would you please to let
us know about this at explorer-feedback#apollographql.com 🙏
I created a new api key and tried again and am able to connect. I am able to run a login mutation and can return my first name inside that mutation, but I cannot do it from the me or user query - those queries still return the unauthenticated error response.
I have tried adding the authorization token to the header field both with and without "", and I have tried labelling that attribute as each of authorization, Authorization, token and then each of those inside "". None of them seems to make any difference to whether I can run a query. How can I find the name of the header token that Apollo Studio Explorer will accept?
I also tried the syntax suggested in this post, which is key Authorization and value "Bearer token" (there are double quotation marks around that string and a space between the word Bearer (capitalised) and the token string). There are no curly braces. That doesn't work either.
I have also tried expressing it as shown in this page of the Apollo documentation, which I think means that the key of the header value should be Authorization and the value should be the word Bearer, immediately followed by the token string generated in the output of the Login migration, inside {{ }}. When I try this, I get the same response as each of the other attempts described above.
There is a difference in the responses though, I get an unauthenticated response on the user query, and a null response on the me query.
One final strange observation: the studio returns the above error and null responses, but if I use the apollo client dev tools in the browser console, I can run the same Me query and get the result.
The user query still returns an unauthenticated error when I run it in the dev tools.
I'd also note that I can ask for the firstName attribute, inside the Login mutation, and receive them back in that response. However, I can't access them inside a Me query itself.
The next thing I investigated was how the resolver was managing the data. The boilerplate includes a resolver with:
import { AuthenticationError } from "apollo-server-express"
import { createMethodDecorator } from "type-graphql"
import { ResolverContext } from "../resolverContext"
export function UseAuth(roles?: string[]): any {
return createMethodDecorator<ResolverContext>(async ({ context: { req } }, next) => {
const argRoles = roles || []
if (req?.currentUser) {
if (argRoles.length === 0) return next()
if (argRoles.includes(req.currentUser.role)) return next()
throw new AuthenticationError("Not authorized")
} else {
throw new AuthenticationError("Not authenticated")
}
})
}
I wondered if maybe the role wasn't being considered. But I can see that it is inside the login mutation, but is not in a query.
Is there a 'for dummies' guide to getting started with apollo graphql?
I hope this spares someone some angst.
The format that works in Apollo Studio Explorer is
Key: Authorization
Value: Bearer[space][token]
There are no curly braces and no quotation marks in any of this. See this post for more discussion about this.

Laravel route query get email address from query value instead of key

I have encountered an issue regarding Laravel 8 routes.
And I am unable to find a solution to this problem.
For example, I have this route format in Laravel:
$domain/password_reset?$email
Where it will look like this:
http://test-website.com/password_reset?test#gmail.com
I am aware that query parameters have ?key=value format. However in my case, the provided route format is what is expected (by client). Not the conventional key=value way. Also, the url link is clicked from an email. Wherein the link in the email uses the exact route format given (not url-encoded).
The sample request query that is fetched in the controller is as follows:
If you would notice, the email became a key (which is expected). And since it is a key, . has been changed to _. Instead of gmail.com it became gmail_com.
Would there be a better solution to get the exact email address from the url (not url-encoded) in this route format? Hopefully someone can help me with this. Thank you very much in advanced!
You should get the request query and parse it yourself:
[$path, $query] = explode('?',$request->fullUrl())
In the exemple above $query should hold everything after ? on the URL.
Alternativelly you can just get the key of the array you already have:
$email = array_keys($request->all())[0]

accessing request parameters Parse

I've got an issue when I try to access the request parameters.
As I've read, we have to use request.params.someParam to access the data we're sending via post or get. I'm following these steps, but I obtain an "undefined" response.
The code I use is the following one:
app.post('/hello', function(request, response) {
var query = new Parse.Query(Parse.Installation);
query.equalTo('UserName', request.params.userName); //trying to filter by UserName parameter
response.set('Content-Type', 'text/plain');
});
Does anyone know why do I obtain an undefined response and how to fix it?
Thanks
May I ask how do you specify your request params?
Because I found that when I tried to arrange a background job with request.params in Parse WebGUI, it requires to put a double quote (") for each key. Ex. {"userName":"John"}.
But when the request.params got passed into the background job, the double quote was escaped. Ex. {\"userName\": "John"}. So I can't get the param by request.params.userName
If I send the request via CURL then it all works fine.

Google Places API : Next Page Token Errors [duplicate]

I'm basically querying the google places API for stores in atlanta.
https://maps.googleapis.com/maps/api/place/search/json?location=33.7488,-84.3874&radius=50000&sensor=false&key=YOUR_KEY_HERE&types=amusement_park|art_gallery|bakery|bar|beauty_salon|bicycle_store|book_store|bowling_alley|cafe|car_repair|car_wash|clothing_store|florist|furniture_store|gym|hair_care|home_goods_store|jewelry_store|laundry|liquor_store|museum|night_club|pet_store|pharmacy|restaurant|shoe_store|spa|store|veterinary_care|zoo
This as expected returns a result with a page token to get another page of data with the same query.
https://maps.googleapis.com/maps/api/place/search/json?key=YOUR_KEY_HERE&page_token=PAGE_TOKEN_HERE
According to their API this second URL is all I need to get the 2nd page of data. But it ALWAYS returns "REQUEST_DENIED".
"{\n \"html_attributions\" : [],\n \"results\" : [],\n \"status\" : \"REQUEST_DENIED\"\n}\n"
It's not clear WHY I'm getting request denied. I'm nowhere NEAR my daily limit. If I try to run the 2nd URL with ALL the given parameters from the first URL with the Token Included it acts as if I'm requesting the 1st page all over again and ignores the page_token entirely.
Has anybody gotten this page_token to work?!?!?!?!?!
This is a bug in the documentation and will be fixed asap. The correct parameter to use is pagetoken NOT page_token.

Google Places API : Page Token Errors

I'm basically querying the google places API for stores in atlanta.
https://maps.googleapis.com/maps/api/place/search/json?location=33.7488,-84.3874&radius=50000&sensor=false&key=YOUR_KEY_HERE&types=amusement_park|art_gallery|bakery|bar|beauty_salon|bicycle_store|book_store|bowling_alley|cafe|car_repair|car_wash|clothing_store|florist|furniture_store|gym|hair_care|home_goods_store|jewelry_store|laundry|liquor_store|museum|night_club|pet_store|pharmacy|restaurant|shoe_store|spa|store|veterinary_care|zoo
This as expected returns a result with a page token to get another page of data with the same query.
https://maps.googleapis.com/maps/api/place/search/json?key=YOUR_KEY_HERE&page_token=PAGE_TOKEN_HERE
According to their API this second URL is all I need to get the 2nd page of data. But it ALWAYS returns "REQUEST_DENIED".
"{\n \"html_attributions\" : [],\n \"results\" : [],\n \"status\" : \"REQUEST_DENIED\"\n}\n"
It's not clear WHY I'm getting request denied. I'm nowhere NEAR my daily limit. If I try to run the 2nd URL with ALL the given parameters from the first URL with the Token Included it acts as if I'm requesting the 1st page all over again and ignores the page_token entirely.
Has anybody gotten this page_token to work?!?!?!?!?!
This is a bug in the documentation and will be fixed asap. The correct parameter to use is pagetoken NOT page_token.

Resources