diff options
| author | bogdanvlviv <bogdanvlviv@gmail.com> | 2018-09-10 12:39:07 +0300 |
|---|---|---|
| committer | bogdanvlviv <bogdanvlviv@gmail.com> | 2018-09-12 18:51:55 +0300 |
| commit | 9945cd097a46771aedfcb9abc110419198452022 (patch) | |
| tree | 49f6ba832f20f0cc59d86fb35802afe099b63693 | |
| parent | ce1248a5b8944606e91edf1bc4f1f4962a4f658d (diff) | |
| download | rails-9945cd097a46771aedfcb9abc110419198452022.tar.gz rails-9945cd097a46771aedfcb9abc110419198452022.tar.bz2 rails-9945cd097a46771aedfcb9abc110419198452022.zip | |
Clarify docs of `config.filter_parameters` and `#filter_attributes`
Add mention that `config.filter_parameters` also filters out sensitive
values of database columns when call `#inspect` since #33756.
| -rw-r--r-- | activerecord/lib/active_record/core.rb | 2 | ||||
| -rw-r--r-- | guides/source/configuring.md | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/activerecord/lib/active_record/core.rb b/activerecord/lib/active_record/core.rb index 82cf7563a2..4f10cddc87 100644 --- a/activerecord/lib/active_record/core.rb +++ b/activerecord/lib/active_record/core.rb @@ -126,7 +126,7 @@ module ActiveRecord class_attribute :default_connection_handler, instance_writer: false ## - # Specifies columns which don't want to be exposed while calling #inspect + # Specifies columns which shouldn't be exposed while calling #inspect. class_attribute :filter_attributes, instance_writer: false, default: [] def self.connection_handler diff --git a/guides/source/configuring.md b/guides/source/configuring.md index 892634c261..4c508f77f1 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -104,7 +104,7 @@ application. Accepts a valid week day symbol (e.g. `:monday`). * `config.filter_parameters` used for filtering out the parameters that you don't want shown in the logs, such as passwords or credit card -numbers. By default, Rails filters out passwords by adding `Rails.application.config.filter_parameters += [:password]` in `config/initializers/filter_parameter_logging.rb`. Parameters filter works by partial matching regular expression. +numbers. It also filters out sensitive values of database columns when call `#inspect` on an Active Record object. By default, Rails filters out passwords by adding `Rails.application.config.filter_parameters += [:password]` in `config/initializers/filter_parameter_logging.rb`. Parameters filter works by partial matching regular expression. * `config.force_ssl` forces all requests to be served over HTTPS by using the `ActionDispatch::SSL` middleware, and sets `config.action_mailer.default_url_options` to be `{ protocol: 'https' }`. This can be configured by setting `config.ssl_options` - see the [ActionDispatch::SSL documentation](http://api.rubyonrails.org/classes/ActionDispatch/SSL.html) for details. |