Many times during debugging, it's useful to know what the network request/response headers and bodies are. Highlight allows you to record network headers and bodies.
You can enable recording of network requests and responses by setting networkRecording.recordHeadersAndBody (see NetworkRecordingOptions) to true when initializing Highlight.
Highlight monkey patches XmlHttpRequest and fetch to record data from your app's requests/responses including status codes, headers, and bodies.
Out of the box, Highlight will not record known headers that contain secrets. Those headers are: - Authorization - Cookie - Proxy-Authorization If you have other headers that you would like to redact then you can set networkRecording.networkHeadersToRedact.
You may have APIs that you know will always return secrets in the headers, body, or both. In this case, you can choose URLs to redact from. If a URL matches one of the URLs you specify, the header and body will not be recorded.
Out of the box, Highlight will not record these URLs: - https://www.googleapis.com/identitytoolkit - https://securetoken.googleapis.com
See NetworkRecordingOptions for more information on how to configure network recording.