summaryrefslogtreecommitdiff
path: root/config/application.rb
diff options
context:
space:
mode:
authorStan Hu <stanhu@gmail.com>2017-09-10 07:05:55 -0700
committerStan Hu <stanhu@gmail.com>2017-09-10 07:05:55 -0700
commit66882ff3656607abae4157ac4210597f75aff2dc (patch)
tree15f01d665dbbf276baa9679b5e411845a018ea34 /config/application.rb
parent5d952f756bcf0355fc5d86d819dfc6913c0ae351 (diff)
downloadgitlab-ce-66882ff3656607abae4157ac4210597f75aff2dc.tar.gz
Expand filtered parameters to include `token`sh-filter-runner-token
Now that we are logging API requests in `api_json.log`, we see that the runner token was not filtered properly.
Diffstat (limited to 'config/application.rb')
-rw-r--r--config/application.rb4
1 files changed, 2 insertions, 2 deletions
diff --git a/config/application.rb b/config/application.rb
index 32a290f2002..da9bb25c8b9 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -51,7 +51,7 @@ module Gitlab
# Configure sensitive parameters which will be filtered from the log file.
#
# Parameters filtered:
- # - Any parameter ending with `_token`
+ # - Any parameter ending with `token`
# - Any parameter containing `password`
# - Any parameter containing `secret`
# - Two-factor tokens (:otp_attempt)
@@ -61,7 +61,7 @@ module Gitlab
# - Webhook URLs (:hook)
# - Sentry DSN (:sentry_dsn)
# - Deploy keys (:key)
- config.filter_parameters += [/_token$/, /password/, /secret/]
+ config.filter_parameters += [/token$/, /password/, /secret/]
config.filter_parameters += %i(
certificate
encrypted_key