Merge branch 'filter-private-token-param' into 'master'

Filter private_token and password_confirmation params from logs. Closes #1770. ``` Started GET "/profile?private_token=[FILTERED]" for 127.0.0.1 at 2015-02-06 22:54:03 +0100 Processing by ProfilesController#show as HTML Parameters: {"private_token"=>"[FILTERED]"} ``` See merge request !1483
author: Dmitriy Zaporozhets <dzaporozhets@gitlab.com> 2015-02-07 19:43:34 +0000
committer: Dmitriy Zaporozhets <dzaporozhets@gitlab.com> 2015-02-07 19:43:34 +0000
commit: 2c3fe16fbbf48cf750d6d4d106b0886bf2bfb553 (patch)
tree: a384097dea52de4672f11fb9d308d46fdc6f3aa0 /config
parent: 5bf33f977c16757dbf669fe2b25b09da406508dd (diff)
parent: 8d1fa44f2327f88d00bee6d51da96291a73188a1 (diff)
download: gitlab-ce-2c3fe16fbbf48cf750d6d4d106b0886bf2bfb553.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/config/application.rb b/config/application.rb
index 24ba219cf3a..bd4578848c5 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -31,7 +31,7 @@ module Gitlab
     config.encoding = "utf-8"
 
     # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters.push(*[:password])
+    config.filter_parameters.push(:password, :password_confirmation, :private_token)
 
     # Enable escaping HTML in JSON.
     config.active_support.escape_html_entities_in_json = true
author	Dmitriy Zaporozhets <dzaporozhets@gitlab.com>	2015-02-07 19:43:34 +0000
committer	Dmitriy Zaporozhets <dzaporozhets@gitlab.com>	2015-02-07 19:43:34 +0000
commit	2c3fe16fbbf48cf750d6d4d106b0886bf2bfb553 (patch)
tree	a384097dea52de4672f11fb9d308d46fdc6f3aa0 /config
parent	5bf33f977c16757dbf669fe2b25b09da406508dd (diff)
parent	8d1fa44f2327f88d00bee6d51da96291a73188a1 (diff)
download	gitlab-ce-2c3fe16fbbf48cf750d6d4d106b0886bf2bfb553.tar.gz