From 98687bdad1323b0e15fbf312a1bb3d068bb08f4f Mon Sep 17 00:00:00 2001
From: Joris Bayer <joris.bayer@sentry.io>
Date: Fri, 10 Jan 2025 11:38:40 +0100
Subject: [PATCH 1/4] test

---
 tests/integration/test_attachments.py | 46 +++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)

diff --git a/tests/integration/test_attachments.py b/tests/integration/test_attachments.py
index 2cbde1c7dd..5ecc5be058 100644
--- a/tests/integration/test_attachments.py
+++ b/tests/integration/test_attachments.py
@@ -177,6 +177,52 @@ def test_attachments_pii(mini_sentry, relay):
     }
 
 
+def test_attachments_pii_logfile(mini_sentry, relay):
+    event_id = "515539018c9b4260a6f999572f1661ee"
+
+    project_id = 42
+    project_config = mini_sentry.add_full_project_config(project_id)
+    project_config["config"]["piiConfig"] = {
+        "rules": {
+            "0": {"type": "email", "redaction": {"method": "mask"}},
+            "1": {"type": "userpath", "redaction": {"method": "remove"}},
+        },
+        "applications": {"$attachments.'logfile.txt'": ["0", "1"]},
+    }
+    relay = relay(mini_sentry)
+
+    attachment = (
+        "att_1",
+        "logfile.txt",
+        rb"""Alice Johnson
+alice.johnson@example.com
++1234567890
+4111 1111 1111 1111
+Bob Smith bob.smith@example.net +9876543210 5500 0000 0000 0004
+Charlie Brown charlie.brown@example.org +1928374650 3782 822463 10005
+Dana White dana.white@example.co.uk +1029384756 6011 0009 9013 9424
+path=c:\Users\yan\mylogfile.txt
+password=mysupersecretpassword123""",
+    )
+
+    relay.send_attachments(project_id, event_id, [attachment])
+
+    scrubbed_payload = mini_sentry.captured_events.get().items[0].payload.bytes
+
+    assert (
+        scrubbed_payload
+        == rb"""Alice Johnson
+*************************
++1234567890
+4111 1111 1111 1111
+Bob Smith ********************* +9876543210 5500 0000 0000 0004
+Charlie Brown ************************* +1928374650 3782 822463 10005
+Dana White ************************ +1029384756 6011 0009 9013 9424
+path=c:\Users\***\mylogfile.txt
+password=mysupersecretpassword123"""
+    )
+
+
 def test_attachments_quotas(
     mini_sentry,
     relay_with_processing,

From 0c6c69a2f41b2d34af235ff7544e8b280dfef19b Mon Sep 17 00:00:00 2001
From: Joris Bayer <joris.bayer@sentry.io>
Date: Fri, 10 Jan 2025 13:34:51 +0100
Subject: [PATCH 2/4] failing test

---
 tests/integration/test_attachments.py | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/tests/integration/test_attachments.py b/tests/integration/test_attachments.py
index 5ecc5be058..2ae07d24df 100644
--- a/tests/integration/test_attachments.py
+++ b/tests/integration/test_attachments.py
@@ -178,8 +178,6 @@ def test_attachments_pii(mini_sentry, relay):
 
 
 def test_attachments_pii_logfile(mini_sentry, relay):
-    event_id = "515539018c9b4260a6f999572f1661ee"
-
     project_id = 42
     project_config = mini_sentry.add_full_project_config(project_id)
     project_config["config"]["piiConfig"] = {
@@ -191,10 +189,7 @@ def test_attachments_pii_logfile(mini_sentry, relay):
     }
     relay = relay(mini_sentry)
 
-    attachment = (
-        "att_1",
-        "logfile.txt",
-        rb"""Alice Johnson
+    attachment = r"""Alice Johnson
 alice.johnson@example.com
 +1234567890
 4111 1111 1111 1111
@@ -202,10 +197,13 @@ def test_attachments_pii_logfile(mini_sentry, relay):
 Charlie Brown charlie.brown@example.org +1928374650 3782 822463 10005
 Dana White dana.white@example.co.uk +1029384756 6011 0009 9013 9424
 path=c:\Users\yan\mylogfile.txt
-password=mysupersecretpassword123""",
-    )
+password=mysupersecretpassword123"""
+
+    envelope = Envelope()
+    item = Item(payload=attachment, type="attachment")
+    envelope.add_item(item)
 
-    relay.send_attachments(project_id, event_id, [attachment])
+    relay.send_envelope(project_id, envelope)
 
     scrubbed_payload = mini_sentry.captured_events.get().items[0].payload.bytes
 

From 987564b7a95065fd73274607c8badb25fcf29530 Mon Sep 17 00:00:00 2001
From: Joris Bayer <joris.bayer@sentry.io>
Date: Fri, 10 Jan 2025 13:49:05 +0100
Subject: [PATCH 3/4] fix

---
 relay-server/src/services/processor/attachment.rs | 4 ++--
 tests/integration/test_attachments.py             | 4 +++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/relay-server/src/services/processor/attachment.rs b/relay-server/src/services/processor/attachment.rs
index 3985375044..d217e353dd 100644
--- a/relay-server/src/services/processor/attachment.rs
+++ b/relay-server/src/services/processor/attachment.rs
@@ -7,7 +7,7 @@ use std::time::Instant;
 use relay_pii::{PiiAttachmentsProcessor, SelectorPathItem, SelectorSpec};
 use relay_statsd::metric;
 
-use crate::envelope::{AttachmentType, ContentType};
+use crate::envelope::{AttachmentType, ContentType, ItemType};
 use crate::statsd::RelayTimers;
 
 use crate::services::projects::project::ProjectInfo;
@@ -72,7 +72,7 @@ pub fn scrub<Group>(managed_envelope: &mut TypedEnvelope<Group>, project_info: A
             // After we have assessed the impact on performance we can relax this condition.
             for item in envelope
                 .items_mut()
-                .filter(|item| item.attachment_type().is_some())
+                .filter(|item| item.ty() == &ItemType::Attachment)
             {
                 scrub_attachment(item, config);
             }
diff --git a/tests/integration/test_attachments.py b/tests/integration/test_attachments.py
index 2ae07d24df..d1fc59dafa 100644
--- a/tests/integration/test_attachments.py
+++ b/tests/integration/test_attachments.py
@@ -200,7 +200,9 @@ def test_attachments_pii_logfile(mini_sentry, relay):
 password=mysupersecretpassword123"""
 
     envelope = Envelope()
-    item = Item(payload=attachment, type="attachment")
+    item = Item(
+        payload=attachment, type="attachment", headers={"filename": "logfile.txt"}
+    )
     envelope.add_item(item)
 
     relay.send_envelope(project_id, envelope)

From 74a131738f5b342c684e5ba97362a5ae6ea75e7d Mon Sep 17 00:00:00 2001
From: Joris Bayer <joris.bayer@sentry.io>
Date: Fri, 10 Jan 2025 13:51:40 +0100
Subject: [PATCH 4/4] changelog

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index bf037405b5..6f8febb289 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,7 +5,7 @@
 **Features**:
 
 - Increase stacktrace function and symbol length limits to 512 chars. ([#4436](https://github.com/getsentry/relay/pull/4436))
-- Scrub non-minidump attachments if there are explicit `$attachment` rules. ([#4415](https://github.com/getsentry/relay/pull/4415))
+- Scrub non-minidump attachments if there are explicit `$attachment` rules. ([#4415](https://github.com/getsentry/relay/pull/4415), [#4441](https://github.com/getsentry/relay/pull/4441))
 - Include blocked domain in CSP reports as a tag. ([#4435](https://github.com/getsentry/relay/pull/4435))
 
 **Internal**: