From 62570a8016f9f74e07384ae4f7403ea5b2ced72f Mon Sep 17 00:00:00 2001
From: Eliot Sykes <eliotsykes@gmail.com>
Date: Tue, 20 Nov 2018 08:10:00 +0000
Subject: Add common sensitive names to generated filter parameters

These added names are distilled from the filter_parameters config of a
number of open source Rails applications.
---
 .../app/templates/config/initializers/filter_parameter_logging.rb.tt  | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'railties')

diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt
index a7d12514e6..eea99edb65 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt
+++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt
@@ -1,4 +1,6 @@
 # Be sure to restart your server when you modify this file.
 
 # Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += [:password, :secret]
+Rails.application.config.filter_parameters += [
+  :password, :secret, :token, :_key, :auth, :crypt, :salt, :certificate, :otp, :access, :private, :protected, :ssn
+]
-- 
cgit v1.2.3