Commit 07217fb1 authored by Douwe Maan's avatar Douwe Maan Committed by Alejandro Rodriguez

Merge branch 'rs-filter-authentication_token' into 'security'

Add authentication_token to filter_parameters list

See merge request !2041
parent ab95492b
......@@ -45,7 +45,7 @@ module Gitlab
#
# Parameters filtered:
# - Password (:password, :password_confirmation)
# - Private tokens (:private_token)
# - Private tokens (:private_token, :authentication_token)
# - Two-factor tokens (:otp_attempt)
# - Repo/Project Import URLs (:import_url)
# - Build variables (:variables)
......@@ -55,6 +55,7 @@ module Gitlab
# - Sentry DSN (:sentry_dsn)
# - Deploy keys (:key)
config.filter_parameters += %i(
authentication_token
certificate
encrypted_key
hook
......
......@@ -15,7 +15,7 @@ if Rails.env.production?
Raven.configure do |config|
config.dsn = current_application_settings.sentry_dsn
config.release = Gitlab::REVISION
# Sanitize fields based on those sanitized from Rails.
config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s)
# Sanitize authentication headers
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment