SANITIZE FIELD NAMES in body when contain sensitive values

I'm trying to sanitize sensitive fields in body, but I can't do this. It's not work to me.

func NewGorillaMux() Http {
	router := mux.NewRouter().PathPrefix("/").Subrouter()
	router.Use(middleware.NewCorsMiddleware("*").Apply)
	router.Use(middleware.NewAuthorizationMiddleware(getAllPathsAlloweds()).Apply)
	router.Use(middleware.NewContentTypeApplicationJson().Apply)

	apmgorilla.Instrument(router) // APM here

	return GorillaMux{Router: router}
}

I'm using environment variables:

ELASTIC_APM_CAPTURE_BODY=all;
ELASTIC_APM_SANITIZE_FIELD_NAMES=credit_card_namber,password;

But when I test my request I can see that it's not work.

I could see on doc "A list of patterns to match the names of HTTP headers, cookies, and POST form fields to redact." and I'm not sure when they said "POST form fields" means request with JSON body too;

So, What's wrong I'm making and how I can do this works?

I'm using by:
APM Server version v2.2.0:
APM Agent language and version golang 1.18.1:
http://go.elastic.co/apm/module/apmgorilla/v2