Remove sensitive cookies

src/Sentry/Laravel/Http/LaravelRequestFetcher.php

@@ -3,6 +3,8 @@
 namespace Sentry\Laravel\Http;
 
 use Illuminate\Container\Container;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Str;
 use Psr\Http\Message\ServerRequestInterface;
 use Sentry\Integration\RequestFetcher;
 use Sentry\Integration\RequestFetcherInterface;
@@ -26,9 +28,28 @@ public function fetchRequest(): ?ServerRequestInterface
         }
 
         if ($container->bound(self::CONTAINER_PSR7_INSTANCE_KEY)) {
-            return $container->make(self::CONTAINER_PSR7_INSTANCE_KEY);
+            $request = $container->make(self::CONTAINER_PSR7_INSTANCE_KEY);
+        } else {
+            $request = (new RequestFetcher)->fetchRequest();
         }
 
-        return (new RequestFetcher)->fetchRequest();
+        if ($request === null) {
+            return null;
+        }
+
+        $cookies = new Collection($request->getCookieParams());
+
+        // We need to filter out the cookies that are not allowed to be sent to Sentry because they are very sensitive
+        $forbiddenCookies = [config('session.cookie'), 'remember_*'];
+
+        return $request->withCookieParams(
+            $cookies->map(function ($value, string $key) use ($forbiddenCookies) {
+                if (Str::is($forbiddenCookies, $key)) {
+                    return '[Filtered]';
+                }
+
+                return $value;
+            })->all()
+        );
     }
 }