[arianvanp]

It still means I'm sending potentially sensitive data (idk, passwords) to a server I don't own. There is no way I can trust github on this. Would there be a less-than-hacky way then regexing the URL? a way to let it redirect to a self-hosted version of the github page for example? Shouldn't be too hard to add and would solve OPs concerns.

[keyanzhang]

The `reactProdInvariant` function [1] does the URL encoding job and the decoder on our documentation page is just a React component [2]. I totally understand your concern and for now you can simply edit the `reactProdInvariant` function to fit your needs.

[1] https://github.com/facebook/react/blob/master/src/shared/uti...

[2] https://github.com/facebook/react/blob/master/docs/_js/Error...

[crescentfresh]

> It still means I'm sending potentially sensitive data (idk, passwords) to a server I don't own

Not sure if you missed spicyj's point or arguing that you yourself might not notice the sensitive data in the url.

If you - as the developer - need to inquire more about the error (say after reproducing it on production), you copy and paste the error url and remove the sensitive data before going to said url.

[mintplant]

What about using the hash part of the URL (#) instead of the query part (?)? That doesn't get sent to the server. Although you still have to trust that a script on the page isn't reading that information and shuttling it off somewhere else--but then, you're already trusting Facebook code anyway.