From e2ff50b3e7dcd0e6005d49c93197abfd9e5c525b Mon Sep 17 00:00:00 2001
From: Mariah Jacobs <114685994+mjac0bs@users.noreply.github.com>
Date: Wed, 9 Oct 2024 14:53:27 -0700
Subject: [PATCH] fix: Better sanitize Pendo URLs (#11079)

* Make adjustments to url sanitization

* Add changeset
---
 .../pr-11079-tech-stories-1728504676937.md    |  5 ++++
 packages/manager/src/hooks/usePendo.ts        | 23 +++++++++++--------
 2 files changed, 19 insertions(+), 9 deletions(-)
 create mode 100644 packages/manager/.changeset/pr-11079-tech-stories-1728504676937.md

diff --git a/packages/manager/.changeset/pr-11079-tech-stories-1728504676937.md b/packages/manager/.changeset/pr-11079-tech-stories-1728504676937.md
new file mode 100644
index 00000000000..dfdf23c08de
--- /dev/null
+++ b/packages/manager/.changeset/pr-11079-tech-stories-1728504676937.md
@@ -0,0 +1,5 @@
+---
+"@linode/manager": Tech Stories
+---
+
+Improve Pendo URL sanitization ([#11079](https://github.com/linode/manager/pull/11079))
diff --git a/packages/manager/src/hooks/usePendo.ts b/packages/manager/src/hooks/usePendo.ts
index d093011c00a..e1275106274 100644
--- a/packages/manager/src/hooks/usePendo.ts
+++ b/packages/manager/src/hooks/usePendo.ts
@@ -104,17 +104,22 @@ export const usePendo = () => {
               action: 'Replace',
               attr: 'pathname',
               data(url: string) {
-                const idMatchingRegex = /\d+$/;
+                const idMatchingRegex = /(\/\d+)/;
+                const bucketPathMatchingRegex = /(buckets\/[^\/]+\/[^\/]+)/;
                 const userPathMatchingRegex = /(users\/).*/;
-                const oauthPathMatchingRegex = /oauth\/callback#access_token/;
-                if (
-                  idMatchingRegex.test(url) ||
-                  oauthPathMatchingRegex.test(url)
-                ) {
-                  // Removes everything after the last /
-                  return url.replace(/\/[^\/]*$/, '/');
+                const oauthPathMatchingRegex = /(#access_token).*/;
+
+                if (idMatchingRegex.test(url)) {
+                  // Replace any ids with XXXX and keep the rest of the URL intact
+                  return url.replace(idMatchingRegex, '/XXXX');
+                } else if (bucketPathMatchingRegex.test(url)) {
+                  // Replace the region and bucket names with XXXX and keep the rest of the URL intact
+                  return url.replace(bucketPathMatchingRegex, 'XXXX/XXXX');
+                } else if (oauthPathMatchingRegex.test(url)) {
+                  // Remove everything after access_token/
+                  url.replace(oauthPathMatchingRegex, '$1');
                 } else if (userPathMatchingRegex.test(url)) {
-                  // Removes everything after /users
+                  // Remove everything after /users
                   return url.replace(userPathMatchingRegex, '$1');
                 }
                 return url;