Generate and Sanitize HTTP Archive Files

When you report issues with Palette to Spectro Cloud Support, we may ask you to generate an HTTP Archive (HAR) file to help us identify and resolve those issues.

warning

HAR files contain all network activity for a specific page, including sensitive and confidential information, such as API keys, secrets, cookies, passwords, and more. Before sending your HAR files to us, sanitize the sensitive data. We do not recommend using any third-party tools for HAR sanitization, as they can overlook some details.

This guide explains how you can generate HAR files in Chrome, Safari, and Firefox and sanitize the sensitive data they contain.

Prerequisites

A browser of choice. For instance, you could use Chrome, Safari, or Firefox. If you're using Safari, make sure to enable its web development features first.
A text editor of choice. For example, you could use Visual Studio Code or Sublime.

Generate and Sanitize HARs

Generate HAR Files

Chrome
Safari
Firefox

Open the page with issues in Chrome.
On your keyboard, open Developer Tools:
- For Windows and Linux, press F12 or Ctrl + Shift + I.
- For Mac, press Fn + F12 or Cmd + Option + I.
For alternative methods to open Developer Tools, refer to Open Chrome DevTools.
In Developer Tools, select the Network tab, and, on the Network pane:
1. If the leftmost icon displays a circle within a circle, click it to start recording network activity.
2. Click the Clear network log icon that follows it to clear the current network log.
3. Select the Preserve log and Disable cache checkboxes.
On the page, reproduce the issues you've encountered.
In the network log, right-click any item and select Save all as HAR with content.

Sanitize HAR Files

Open the generated HAR file in a text editor.
Carefully examine the file contents and either remove or redact sensitive information.

tip
If you're using a built-in search feature, ensure it's case-insensitive and check every instance of confidential data it highlights.

You can use the following keywords for reference.

Keywords for sanitization

warning

This list is not exhaustive. You should also check for data that is considered sensitive or confidential within your organization.

state
shdf
usg
password
code
code_verifier
client_secret
token
Access_token
refresh_token
authenticity_token
Id_token
SAMLResponse
SAML Request
appID
challenge
facetID
assertion
fcParams
serverData
Authorization
auth
key
pem
rsa
dsa
ecdsa
signature
passkey

Consider the following examples of how to approach redacting passwords, tokens, and cookies.

Passwords
Tokens
Cookies

  "postData": {
    "mimeType": "application/json",
    "text": "{\"emailId\":\"REDACTED\",\"password\":\"REDACTED\",\"org\":\"spectro-cloud\"}"
  }

  "queryString": [
    {
      "name": "access_token",
      "value": "REDACTED"
    }
  ],

  "cookies": [
    {
      "name": "__stripe_mid",
      "value": "REDACTED",
      "path": "/",
      "domain": "console.spectrocloud.com",
      "expires": "2025-01-10T20:51:03.000Z",
      "httpOnly": false,
      "secure": true,
      "sameSite": "Strict"
    },
  ]

Validate

Review the generated HAR file against the list of keywords we provided for reference, and make sure you've redacted every instance of sensitive information.

Next Steps

After you've successfully generated and sanitized your HAR file, send it to the Support Specialist who asked you for this file.

Prerequisites​

Generate and Sanitize HARs​

Generate HAR Files​

Sanitize HAR Files​

Validate​

Next Steps​