diff options
author | Paco Guzman <pacoguzmanp@gmail.com> | 2016-06-17 10:00:51 +0200 |
---|---|---|
committer | Paco Guzman <pacoguzmanp@gmail.com> | 2016-06-17 18:14:25 +0200 |
commit | 2e552c6bf0a867b18298409217688f8c14e56207 (patch) | |
tree | f24f99403f02546244ce72a46c18876188c297d7 /spec/lib | |
parent | 7b944e01bddea2ae2ee8e4f68976df9cd8ce63bc (diff) | |
download | gitlab-ce-2e552c6bf0a867b18298409217688f8c14e56207.tar.gz |
Filter out sensitive parameters of metrics data
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/metrics/rack_middleware_spec.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/spec/lib/gitlab/metrics/rack_middleware_spec.rb b/spec/lib/gitlab/metrics/rack_middleware_spec.rb index 40289f8b972..f264ed64029 100644 --- a/spec/lib/gitlab/metrics/rack_middleware_spec.rb +++ b/spec/lib/gitlab/metrics/rack_middleware_spec.rb @@ -58,6 +58,22 @@ describe Gitlab::Metrics::RackMiddleware do expect(transaction.values[:request_method]).to eq('GET') expect(transaction.values[:request_uri]).to eq('/foo') end + + context "when URI includes sensitive parameters" do + let(:env) do + { + 'REQUEST_METHOD' => 'GET', + 'REQUEST_URI' => '/foo?private_token=my-token', + 'PATH_INFO' => '/foo', + 'QUERY_STRING' => 'private_token=my_token', + 'action_dispatch.parameter_filter' => [:private_token] + } + end + + it 'stores the request URI with the sensitive parameters filtered' do + expect(transaction.values[:request_uri]).to eq('/foo?private_token=[FILTERED]') + end + end end describe '#tag_controller' do |