• Stan Hu's avatar
    Filter additional secrets from Rails logs · d74fecac
    Stan Hu authored
    Upon inspection of logs, there were a number of fields not filtered. For example:
    
    * authenticity_token: CSRF token
    * rss_token: Used for RSS feeds
    * secret: Used with Projects::UploadController
    
    Rails provides a way to match regexps, so we now filter:
    
    * Any parameter ending with `_token`
    * Any parameter containing `password`
    * Any parameter containing `secret`
    d74fecac
application.rb 7.37 KB