DEV Community

Cover image for I Built a PII Redactor That Runs 100% in Your Browser
Pure Life Tribe
Pure Life Tribe

Posted on

I Built a PII Redactor That Runs 100% in Your Browser

#privacy #programming #security #cybersecurity

Because sending logs with customer data should never feel like playing Russian roulette.

You know that exact moment. You’re staring at a production log, a support ticket, or a messy JSON response. It has everything you need to debug the issue… and a bunch of stuff you definitely shouldn’t share.

An email address here. A phone number there. Maybe even a credit card test number someone left in by mistake.

You could spend 20 minutes doing find-and-replace. Or you could just cross your fingers and hope for the best.

Or, you could paste the whole thing into a tool that redacts everything sensitive in one click, locally, with zero data leaving your machine.

That’s exactly what I built.

It’s called the PII Redactor on Utilora.

How It Actually Works

The core idea is stupidly simple: a bunch of regex patterns run one after another on your text. Every match gets replaced with a placeholder (you can choose what it shows - [REDACTED], [EMAIL], etc.).

What I like is the feedback it gives you. After redaction, it tells you exactly what it found: “3 emails, 2 IPv4 addresses, 1 phone number.” That little summary has saved me more than once when I thought I was safe but actually missed something.

Built-in Filters (The Ones You’ll Use Most)

Out of the box it catches the usual suspects:

  • Email addresses
  • IPv4 and IPv6 addresses
  • US Social Security Numbers (with dashes)
  • Credit card numbers (13–16 digits)
  • Phone numbers (fairly flexible format)

These patterns aren’t perfect (more on that later), but they cover 80-90% of everyday cases.

Custom Patterns = Where It Gets Powerful

This is my favorite part.

Every team has their own internal sensitive formats — order IDs, API key patterns, internal hostnames, employee IDs, etc. You can add your own regex with a label, and it gets treated exactly like the built-ins.

I’ve used it for things like:

  • ORD-[A-Z0-9]{8} style order numbers
  • Specific UUID prefixes used internally
  • Secret patterns that follow a company convention

It Also Handles Files

Drag in a .log, .txt, .json, or .jsonl file and it works the same way. Super handy when someone dumps a giant log in your DMs.

Why Browser-Only Matters

I deliberately made this (and every tool on Utilora) run completely locally. No uploads, no accounts, no tracking.

When you’re dealing with real customer data or production logs, the last thing you want is to send it to yet another third-party service — even a “trusted” one.

This way it’s instant, works offline, and I can use it on planes, in cafes, or behind strict corporate networks without thinking twice.

Honest Limitations

The IPv6 detection is pretty basic right now - it only catches the long form. Compressed IPv6 addresses still slip through.

The credit card detector is deliberately loose. It’ll catch obvious card numbers but can also flag random long numbers. Good enough for most quick redaction jobs, but not production-grade secret scanning.

If you need something more bulletproof for serious compliance work, this isn’t a replacement for dedicated tools — but for day-to-day debugging and sharing, it’s been fantastic.

Try It Yourself

PII Redactor on Utilora

It’s completely free, no sign-up, and nothing ever leaves your browser.

If you work with logs, support tickets, or any kind of data that might contain PII, bookmark it. You’ll probably use it more often than you expect.

Top comments (0)