summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorJosh Frye <joshfng@gmail.com>2016-03-10 21:22:46 -0500
committerJosh Frye <joshfng@gmail.com>2016-03-10 21:22:46 -0500
commit36ddca101e05ce885f23e9a797c577e81f70ab16 (patch)
treeffdecf4163679aea514288eb907a2a47687bb929 /config
parentf7da99aef7044592d957df750dcf6e4185c51694 (diff)
downloadgitlab-ce-36ddca101e05ce885f23e9a797c577e81f70ab16.tar.gz
Filter import_url params because they may contain auth information. Fixes #14199filter-import-url
Diffstat (limited to 'config')
-rw-r--r--config/application.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/config/application.rb b/config/application.rb
index d8d1e7b4679..2b103c4592d 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -34,7 +34,7 @@ module Gitlab
config.encoding = "utf-8"
# Configure sensitive parameters which will be filtered from the log file.
- config.filter_parameters.push(:password, :password_confirmation, :private_token, :otp_attempt, :variables)
+ config.filter_parameters.push(:password, :password_confirmation, :private_token, :otp_attempt, :variables, :import_url)
# Enable escaping HTML in JSON.
config.active_support.escape_html_entities_in_json = true