Revert change to the behaviour of _filter_headers but retain the new AnnotatedValue methods

Author: ericapisani

sentry_sdk/integrations/_asgi_common.py

@@ -93,7 +93,9 @@ def _get_request_data(asgi_scope: "Any") -> "Dict[str, Any]":
     if ty in ("http", "websocket"):
         request_data["method"] = asgi_scope.get("method")
 
-        request_data["headers"] = headers = _filter_headers(_get_headers(asgi_scope))
+        request_data["headers"] = headers = _filter_headers(
+            _get_headers(asgi_scope), use_annotated_value=False
+        )
         request_data["query_string"] = _get_query(asgi_scope)
 
         request_data["url"] = _get_url(

sentry_sdk/integrations/_wsgi_common.py

@@ -6,7 +6,6 @@
 from sentry_sdk._types import SENSITIVE_DATA_SUBSTITUTE
 from sentry_sdk.scope import should_send_default_pii
 from sentry_sdk.utils import AnnotatedValue, logger
-from sentry_sdk.tracing_utils import has_span_streaming_enabled
 
 try:
     from django.http.request import RawPostDataException
@@ -213,17 +212,14 @@ def _is_json_content_type(ct: "Optional[str]") -> bool:
 
 
 def _filter_headers(
-    headers: "Mapping[str, str]",
+    headers: "Mapping[str, str]", use_annotated_value: True
 ) -> "Mapping[str, Union[AnnotatedValue, str]]":
     if should_send_default_pii():
         return headers
 
-    client_options = sentry_sdk.get_client().options
-    is_span_streaming_enabled = has_span_streaming_enabled(client_options)
-
     substitute: "Union[AnnotatedValue, str]" = (
         SENSITIVE_DATA_SUBSTITUTE
-        if is_span_streaming_enabled
+        if not use_annotated_value
         else AnnotatedValue.removed_because_over_size_limit()
     )
 

sentry_sdk/integrations/wsgi.py

@@ -400,7 +400,7 @@ def _get_request_attributes(
     if method:
         attributes["http.request.method"] = method.upper()
 
-    headers = _filter_headers(dict(_get_headers(environ)))
+    headers = _filter_headers(dict(_get_headers(environ)), use_annotated_value=False)
     for header, value in headers.items():
         attributes[f"http.request.header.{header.lower()}"] = value
 

tests/integrations/asgi/test_asgi.py

@@ -1002,48 +1002,3 @@ async def test_custom_transaction_name(
         assert transaction_event["type"] == "transaction"
         assert transaction_event["transaction"] == "foobar"
         assert transaction_event["transaction_info"] == {"source": "custom"}
-
-
-@pytest.mark.asyncio
-@pytest.mark.parametrize("span_streaming", [True, False])
-async def test_filter_sensitive_headers_without_pii(
-    sentry_init,
-    asgi3_app,
-    capture_events,
-    capture_items,
-    span_streaming,
-):
-    sentry_init(
-        send_default_pii=False,
-        traces_sample_rate=1.0,
-        _experiments={
-            "trace_lifecycle": "stream" if span_streaming else "static",
-        },
-    )
-    app = SentryAsgiMiddleware(asgi3_app)
-
-    if span_streaming:
-        items = capture_items("span")
-    else:
-        events = capture_events()
-
-    async with TestClient(app) as client:
-        await client.get(
-            "/",
-            headers={"Authorization": "Bearer secret", "X-Custom": "ok"},
-        )
-
-    sentry_sdk.flush()
-
-    if span_streaming:
-        assert len(items) == 1
-        attributes = items[0].payload["attributes"]
-        assert attributes["http.request.header.authorization"] == "[Filtered]"
-        assert attributes["http.request.header.x-custom"] == "ok"
-    else:
-        (transaction_event,) = events
-        headers = transaction_event["request"]["headers"]
-        assert (
-            headers["authorization"] != "Bearer secret"
-        )  # In the legacy approach, the expectation is that the event scrubber would remove this
-        assert headers["x-custom"] == "ok"

tests/integrations/wsgi/test_wsgi.py

@@ -841,50 +841,3 @@ def app(environ, start_response):
 )
 def test_get_request_url_x_forwarded_proto(environ, use_x_forwarded_for, expected_url):
     assert get_request_url(environ, use_x_forwarded_for) == expected_url
-
-
-@pytest.mark.parametrize("span_streaming", [True, False])
-def test_filter_sensitive_headers_without_pii(
-    sentry_init,
-    capture_events,
-    capture_items,
-    span_streaming,
-):
-    def app(environ, start_response):
-        start_response("200 OK", [])
-        return [b"ok"]
-
-    sentry_init(
-        send_default_pii=False,
-        traces_sample_rate=1.0,
-        _experiments={
-            "trace_lifecycle": "stream" if span_streaming else "static",
-        },
-    )
-    middleware = SentryWsgiMiddleware(app)
-    client = Client(middleware)
-
-    if span_streaming:
-        items = capture_items("span")
-    else:
-        events = capture_events()
-
-    client.get(
-        "/",
-        headers={"Authorization": "Bearer secret", "X-Custom": "ok"},
-    )
-
-    sentry_sdk.flush()
-
-    if span_streaming:
-        assert len(items) == 1
-        attributes = items[0].payload["attributes"]
-        assert attributes["http.request.header.authorization"] == "[Filtered]"
-        assert attributes["http.request.header.x-custom"] == "ok"
-    else:
-        envelope = events[0]
-        headers = envelope["request"]["headers"]
-        assert (
-            headers["Authorization"] != "Bearer secret"
-        )  # In the legacy approach, the expectation is that the event scrubber would remove this
-        assert headers["X-Custom"] == "ok"