diff options
author | Dmitriy Zaporozhets <dzaporozhets@gitlab.com> | 2015-02-07 19:43:34 +0000 |
---|---|---|
committer | Dmitriy Zaporozhets <dzaporozhets@gitlab.com> | 2015-02-07 19:43:34 +0000 |
commit | 2c3fe16fbbf48cf750d6d4d106b0886bf2bfb553 (patch) | |
tree | a384097dea52de4672f11fb9d308d46fdc6f3aa0 /config | |
parent | 5bf33f977c16757dbf669fe2b25b09da406508dd (diff) | |
parent | 8d1fa44f2327f88d00bee6d51da96291a73188a1 (diff) | |
download | gitlab-ce-2c3fe16fbbf48cf750d6d4d106b0886bf2bfb553.tar.gz |
Merge branch 'filter-private-token-param' into 'master'
Filter private_token and password_confirmation params from logs.
Closes #1770.
```
Started GET "/profile?private_token=[FILTERED]" for 127.0.0.1 at 2015-02-06 22:54:03 +0100
Processing by ProfilesController#show as HTML
Parameters: {"private_token"=>"[FILTERED]"}
```
See merge request !1483
Diffstat (limited to 'config')
-rw-r--r-- | config/application.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/config/application.rb b/config/application.rb index 24ba219cf3a..bd4578848c5 100644 --- a/config/application.rb +++ b/config/application.rb @@ -31,7 +31,7 @@ module Gitlab config.encoding = "utf-8" # Configure sensitive parameters which will be filtered from the log file. - config.filter_parameters.push(*[:password]) + config.filter_parameters.push(:password, :password_confirmation, :private_token) # Enable escaping HTML in JSON. config.active_support.escape_html_entities_in_json = true |