Merge pull request #109 from MindscapeHQ/filter-servervariables

Filter servervariables

Mindscape.Raygun4Net/Messages/RaygunRequestMessage.cs

@@ -16,7 +16,7 @@ public RaygunRequestMessage(HttpRequest	request, List<string> ignoredFormNames)
       Url = request.Url.AbsolutePath;
       HttpMethod = request.RequestType;
       IPAddress = request.UserHostAddress;
-      Data = ToDictionary(request.ServerVariables, Enumerable.Empty<string>());
+      Data = ToDictionary(request.ServerVariables, ignoredFormNames ?? Enumerable.Empty<string>());
       QueryString = ToDictionary(request.QueryString, Enumerable.Empty<string>());
       Headers = ToDictionary(request.Headers, ignoredFormNames ?? Enumerable.Empty<string>());
       Form = ToDictionary(request.Form, ignoredFormNames ?? Enumerable.Empty<string>(), true);

README.md

@@ -80,16 +80,22 @@ If using the HTTP module then you can exclude errors by their HTTP status code b
 <RaygunSettings apikey="YOUR_APP_API_KEY" excludeHttpStatusCodes="418" />
 ```
 
-**Remove sensitive form data**
+**Remove sensitive request data**
 
-If you have sensitive user data being sent in a POST request that you wish to prevent being transmitted to Raygun, you can provide a list of possible keys (Names) to remove:
+If you have sensitive data in an HTTP request that you wish to prevent being transmitted to Raygun, you can provide a list of possible keys (Names) to remove:
 
 ```csharp
 raygunClient.IgnoreFormDataNames(new List<string>() { "SensitiveKey1", "SomeCreditCardData"});
 ```
 
 When an error occurs and is passed in to Raygun4Net, if any of the keys specified are present in request.Form, they will not be transmitted to the Raygun API.
 
+*Sensitive keys are removed from the following transmitted properties:*
+
+  * HttpRequest.**Headers**
+  * HttpRequest.**Form**
+  * HttpRequest.**ServerVariables**
+
 **Remove wrapper exceptions (available for all desktop .NET apps too)**
 
 If you have common outer exceptions that wrap a valuable inner exception which you'd prefer to group by, you can specify these by providing a list:
@@ -226,7 +232,7 @@ This feature is optional if you wish to disable it for privacy concerns.
 
 * You can also set an arbitrary number of tags (as an array of strings), i.e. for tagging builds. This is optional and will be transmitted in addition to the version number above.
 
-#### Custom data
+## Custom data
 
 Providing additional name-value custom data is also available as an overload on Send().
 

readme.txt

@@ -57,16 +57,20 @@ If using the HTTP module then you can exclude errors by their HTTP status code b
 
 <RaygunSettings apikey="YOUR_APP_API_KEY" excludeHttpStatusCodes="418" />
 
-Remove sensitive form data
-
-If you have sensitive user data being sent in a POST request that you wish to prevent being transmitted to Raygun, you can provide a list of possible keys (Names) to remove:
+Remove sensitive request data
 
+If you have sensitive data in an HTTP request that you wish to prevent being transmitted to Raygun, you can provide a list of possible keys (Names) to remove:
 
 raygunClient.IgnoreFormDataNames(new List<string>() { "SensitiveKey1", "SomeCreditCardData"});
 
-
 When an error occurs and is passed in to Raygun4Net, if any of the keys specified are present in request.Form, they will not be transmitted to the Raygun API.
 
+Sensitive keys are removed from the following transmitted properties:
+
+  * HttpRequest.Headers
+  * HttpRequest.Form
+  * HttpRequest.ServerVariables
+
 Remove wrapper exceptions (available for all desktop .NET apps too)
 
 If you have common outer exceptions that wrap a valuable inner exception which you'd prefer to group by, you can specify these by providing a list: