authorJacob Vosmaer <jacob@gitlab.com>2016-10-04 16:35:41 +0200
committerJacob Vosmaer <jacob@gitlab.com>2016-10-04 16:57:01 +0200
commit437bebb0ff6e7deba6fd157ec6b55112e125731f (patch)
treebd6eaf4bc4fe25d95a9390299fd3b3d44311acef
parent5e4418b23850947752134a04e4e42a1a22c7aac9 (diff)
downloadgitlab-ce-437bebb0ff6e7deba6fd157ec6b55112e125731f.tar.gz
Don't send Private-Token headers to Sentry
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537
-rw-r--r--CHANGELOG1
-rw-r--r--Gemfile2
-rw-r--r--Gemfile.lock6
-rw-r--r--config/application.rb2
-rw-r--r--config/initializers/sentry.rb2
5 files changed, 9 insertions, 4 deletions
diff --git a/CHANGELOG b/CHANGELOG
index c243920283c..84a6702907f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -5,6 +5,7 @@ v 8.13.0 (unreleased)
v 8.12.4 (unreleased)
- Set GitLab project exported file permissions to owner only
+ - Don't send Private-Token (API authentication) headers to Sentry
v 8.12.2 (unreleased)
- Fix Import/Export not recognising correctly the imported services.
diff --git a/Gemfile b/Gemfile
index 21b31e8f01d..921554286c3 100644
--- a/Gemfile
+++ b/Gemfile
@@ -233,7 +233,7 @@ gem 'net-ssh', '~> 3.0.1'
gem 'base32', '~> 0.3.0'
# Sentry integration
-gem 'sentry-raven', '~> 1.1.0'
+gem 'sentry-raven', '~> 2.0.0'
gem 'premailer-rails', '~> 1.9.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 1db8c9dd8c8..66e566de3c1 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -664,8 +664,8 @@ GEM
activesupport (>= 3.1)
select2-rails (3.5.9.3)
thor (~> 0.14)
- sentry-raven (1.1.0)
- faraday (>= 0.7.6)
+ sentry-raven (2.0.2)
+ faraday (>= 0.7.6, < 0.10.x)
settingslogic (2.0.9)
sexp_processor (4.7.0)
sham_rack (1.3.6)
@@ -950,7 +950,7 @@ DEPENDENCIES
sdoc (~> 0.3.20)
seed-fu (~> 2.3.5)
select2-rails (~> 3.5.9)
- sentry-raven (~> 1.1.0)
+ sentry-raven (~> 2.0.0)
settingslogic (~> 2.0.9)
sham_rack (~> 1.3.6)
shoulda-matchers (~> 2.8.0)
diff --git a/config/application.rb b/config/application.rb
index 4792f6670a8..f5c900da8cf 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -50,6 +50,7 @@ module Gitlab
# - Build variables (:variables)
# - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
# - Webhook URLs (:hook)
+ # - GitLab-shell secret token (:secret_token)
# - Sentry DSN (:sentry_dsn)
# - Deploy keys (:key)
config.filter_parameters += %i(
@@ -62,6 +63,7 @@ module Gitlab
password
password_confirmation
private_token
+ secret_token
sentry_dsn
variables
)
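Review bot: The `secret_token` filter added here is not covered by the commit title or the CHANGELOG entry, which only describe the Private-Token header change; the description should mention it, e.g. `Also filter the gitlab-shell secret_token (:secret_token) from logs and Sentry reports`. Rails matches `filter_parameters` entries by substring, case-insensitively (to my recollection; confirm against the Rails version pinned in Gemfile.lock), so this entry masks any key containing `secret_token`, which is probably intended but broader than the comment on line 72 implies. The `config.filter_parameters += %i(` list opens in the previous hunk, and the enclosing `module Gitlab` application class starts outside both hunks.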
diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb
index 5892c1de024..4f30d1265c8 100644
--- a/config/initializers/sentry.rb
+++ b/config/initializers/sentry.rb
@@ -18,6 +18,8 @@ if Rails.env.production?
# Sanitize fields based on those sanitized from Rails.
config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s)
+ # Sanitize authentication headers
+ config.sanitize_http_headers = %w[Authorization Private-Token]
config.tags = { program: Gitlab::Sentry.program_context }
end
end
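Review bot: The two lists on lines 90 and 92 protect different things, and the new comment does not say so: `filter_parameters` (which already contains `private_token`) only feeds `sanitize_fields`, i.e. request parameters and body fields, so the header form of the token must be named separately in `sanitize_http_headers`, and a reader could otherwise treat line 92 as a duplicate to remove. A one-line why next to the assignment would prevent that: `# Headers are not covered by sanitize_fields/filter_parameters above, so auth headers are listed explicitly.`. Whether the gem's header matching is case-insensitive is not visible here; if it is exact-match, a request carrying `PRIVATE-TOKEN` would not be masked, so that is worth confirming against the sentry-raven 2.0 processor before relying on this list. The enclosing `if Rails.env.production?` block named in the hunk header starts outside the hunk.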