When an exception occurs in a web request, the Flare client will pass on all request fields that are present in the body.
In some cases, such as a login page, these request fields may contain a password that you don't want to send to Flare. By default, Flare will replace the value any fields that are named "password" with "<CENSORED>".
You can censor values of additional fields. If you use Laravel, you can put the names of those fields in the reporting.censor_request_body_fields key of the flare config file.
// config/flare.php
return [
// ...
'reporting' => [
// ...
'censor_request_body_fields' => ['password', 'other_field'],
]
]
In non-Laravel PHP projects you can use call censorRequestBodyFields on the Flare client. You should pass it the names of the fields you wish to censor.
// Where you registered your client...
$flare = Flare::register('YOUR-FLARE-API-KEY')
->registerFlareHandlers();
$flare->censorRequestBodyFields('password');
This will replace the value of any sent fields named "password" with the value "<CENSORED>".
You can see other improvements we recently made on our changelog. Do you have an idea to improve Flare? Let us know!
Continue reading
Lessons from the deep end
20 months ago, we started building Performance Monitoring as Flare’s next big feature, never expecting Laravel’s rapid commercial growth to put us in direct competition with their own tools. This is our honest take on those 20 months went, how we’re adapting to this new reality, and where we’re heading next while staying true to who we are. A dive into the deep end, without knowing how far down it goes.
Alex
Connect your AI agent to Flare to automatically fix production and performance problems in PHP and Laravel projects
You can now use our MCP server to connect your AI agent to Flare. This way your AI has all context it needs to diagnose and fix production and performance problems.
Freek
Subscribe to Backtrace, our quarterly Flare newsletter
No spam, just news & product updates
