fix: Better sanitize Pendo URLs (#11079)

* Make adjustments to url sanitization * Add changeset
linode · Oct 9, 2024 · e2ff50b · e2ff50b
1 parent 66e7823
commit e2ff50b
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 9 deletions.
diff --git a/packages/manager/.changeset/pr-11079-tech-stories-1728504676937.md b/packages/manager/.changeset/pr-11079-tech-stories-1728504676937.md
@@ -0,0 +1,5 @@
+---
+"@linode/manager": Tech Stories
+---
+
+Improve Pendo URL sanitization ([#11079](https://github.com/linode/manager/pull/11079))
diff --git a/packages/manager/src/hooks/usePendo.ts b/packages/manager/src/hooks/usePendo.ts
@@ -104,17 +104,22 @@ export const usePendo = () => {
               action: 'Replace',
               attr: 'pathname',
               data(url: string) {
-                const idMatchingRegex = /\d+$/;
+                const idMatchingRegex = /(\/\d+)/;
+                const bucketPathMatchingRegex = /(buckets\/[^\/]+\/[^\/]+)/;
                 const userPathMatchingRegex = /(users\/).*/;
-                const oauthPathMatchingRegex = /oauth\/callback#access_token/;
-                if (
-                  idMatchingRegex.test(url) ||
-                  oauthPathMatchingRegex.test(url)
-                ) {
-                  // Removes everything after the last /
-                  return url.replace(/\/[^\/]*$/, '/');
+                const oauthPathMatchingRegex = /(#access_token).*/;
+
+                if (idMatchingRegex.test(url)) {
+                  // Replace any ids with XXXX and keep the rest of the URL intact
+                  return url.replace(idMatchingRegex, '/XXXX');
+                } else if (bucketPathMatchingRegex.test(url)) {
+                  // Replace the region and bucket names with XXXX and keep the rest of the URL intact
+                  return url.replace(bucketPathMatchingRegex, 'XXXX/XXXX');
+                } else if (oauthPathMatchingRegex.test(url)) {
+                  // Remove everything after access_token/
+                  url.replace(oauthPathMatchingRegex, '$1');
                 } else if (userPathMatchingRegex.test(url)) {
-                  // Removes everything after /users
+                  // Remove everything after /users
                   return url.replace(userPathMatchingRegex, '$1');
                 }
                 return url;