Commit 437bebb0 authored by Jacob Vosmaer's avatar Jacob Vosmaer

Don't send Private-Token headers to Sentry

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537
parent 5e4418b2
......@@ -5,6 +5,7 @@ v 8.13.0 (unreleased)
v 8.12.4 (unreleased)
- Set GitLab project exported file permissions to owner only
- Don't send Private-Token (API authentication) headers to Sentry
v 8.12.2 (unreleased)
- Fix Import/Export not recognising correctly the imported services.
......
......@@ -233,7 +233,7 @@ gem 'net-ssh', '~> 3.0.1'
gem 'base32', '~> 0.3.0'
# Sentry integration
gem 'sentry-raven', '~> 1.1.0'
gem 'sentry-raven', '~> 2.0.0'
gem 'premailer-rails', '~> 1.9.0'
......
......@@ -664,8 +664,8 @@ GEM
activesupport (>= 3.1)
select2-rails (3.5.9.3)
thor (~> 0.14)
sentry-raven (1.1.0)
faraday (>= 0.7.6)
sentry-raven (2.0.2)
faraday (>= 0.7.6, < 0.10.x)
settingslogic (2.0.9)
sexp_processor (4.7.0)
sham_rack (1.3.6)
......@@ -950,7 +950,7 @@ DEPENDENCIES
sdoc (~> 0.3.20)
seed-fu (~> 2.3.5)
select2-rails (~> 3.5.9)
sentry-raven (~> 1.1.0)
sentry-raven (~> 2.0.0)
settingslogic (~> 2.0.9)
sham_rack (~> 1.3.6)
shoulda-matchers (~> 2.8.0)
......
......@@ -50,6 +50,7 @@ module Gitlab
# - Build variables (:variables)
# - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
# - Webhook URLs (:hook)
# - GitLab-shell secret token (:secret_token)
# - Sentry DSN (:sentry_dsn)
# - Deploy keys (:key)
config.filter_parameters += %i(
......@@ -62,6 +63,7 @@ module Gitlab
password
password_confirmation
private_token
secret_token
sentry_dsn
variables
)
......
......@@ -18,6 +18,8 @@ if Rails.env.production?
# Sanitize fields based on those sanitized from Rails.
config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s)
# Sanitize authentication headers
config.sanitize_http_headers = %w[Authorization Private-Token]
config.tags = { program: Gitlab::Sentry.program_context }
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment