When an exception occurs in a web request, the Flare client will pass on all request fields that are present in the body.
In some cases, such as a login page, these request fields may contain a password that you don't want to send to Flare. By default, Flare will replace the value any fields that are named "password" with "<CENSORED>".
You can censor values of additional fields. If you use Laravel, you can put the names of those fields in the reporting.censor_request_body_fields key of the flare config file.
// config/flare.php
return [
// ...
'reporting' => [
// ...
'censor_request_body_fields' => ['password', 'other_field'],
]
]
In non-Laravel PHP projects you can use call censorRequestBodyFields on the Flare client. You should pass it the names of the fields you wish to censor.
// Where you registered your client...
$flare = Flare::register('YOUR-FLARE-API-KEY')
->registerFlareHandlers();
$flare->censorRequestBodyFields('password');
This will replace the value of any sent fields named "password" with the value "<CENSORED>".
You can see other improvements we recently made on our changelog. Do you have an idea to improve Flare? Let us know!
Continue reading
Version 2 of our JavaScript client libraries
We shipped v2 of @flareapp/js, @flareapp/react, @flareapp/vue, and @flareapp/vite. The framework packages now handle error boundaries, automatic context collection, and component prop capture out of the box. The core client talks to a new, faster ingestion endpoint, and the Vite plugin got retry logic and smarter sourcemap handling.
Sébastien
Flare ❤️ Livewire
Flare has deep Livewire visibility: components nested in traces with full hierarchy, per-phase timing (mount, hydrate, render, dehydrate), aggregated component views with bidirectional links, rich error context, and a lot more. Let us show you how Flare can assist in debugging your Livewire project.
Ruben
Subscribe to Backtrace, our quarterly Flare newsletter
No spam, just news & product updates
