Network Data Redaction

Brie captures network requests to give developers full context, but sensitive data is automatically redacted to protect privacy.

Automatic redaction

Brie uses regex patterns and a keyword list of 50+ sensitive field names to detect and redact data, including:

  • JWT tokens — Bearer tokens matching JWT format
  • API keys — Keys with common prefixes (sk-, cla-, hf_, AWS/Azure/GCP/Stripe key patterns)
  • Authorization headersAuthorization, Cookie, Set-Cookie
  • Credential fields — password, secret, token, access_token, client_secret, oauth_token, and more
  • Financial data — Credit card numbers, bank details, SSN, PIN codes

Redacted values are replaced with [REDACTED_BY_BRIE] in the captured data.

Domain skip list

For local development and staging environments, you may want to see full request data without redaction:

  1. Open extension settings.
  2. Add domains to the Domain skip list (e.g., localhost, 127.0.0.1, staging.myapp.com).

Requests to these domains will not have their data redacted. Non-production URLs (localhost, 127.0.0.1, staging patterns) are also skipped by default.

What is NOT captured

Brie does not capture:

  • Binary content (images, audio, video, PDFs, archives).
  • Response bodies larger than 1MB.
  • Brie's own internal API calls.

Pro tip: If you're testing against a staging environment with real customer data, make sure it's not in your domain skip list to keep redaction active.