From 62570a8016f9f74e07384ae4f7403ea5b2ced72f Mon Sep 17 00:00:00 2001
From: Eliot Sykes
Date: Tue, 20 Nov 2018 08:10:00 +0000
Subject: Add common sensitive names to generated filter parameters These added names are distilled from the filter_parameters config of a number of open source Rails applications.
---
 .../app/templates/config/initializers/filter_parameter_logging.rb.tt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'railties')
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt
index a7d12514e6..eea99edb65 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt
+++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt
@@ -1,4 +1,6 @@
 # Be sure to restart your server when you modify this file.
 # Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += [:password, :secret]
+Rails.application.config.filter_parameters += [
+ :password, :secret, :token, :_key, :auth, :crypt, :salt, :certificate, :otp, :access, :private, :protected, :ssn
+]
--
cgit v1.2.3
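Review bot: The generated comment above the new list does not say that each symbol is matched as a case-insensitive substring of the parameter name. That is why short entries such as `:auth`, `:_key` and `:access` cover many secret-bearing keys, but it also means `:auth` filters `author` and `:_key` filters `foreign_key`. A developer who later trims the list to reduce `[FILTERED]` noise in logs may drop an entry without realising which sensitive keys it was covering. I would add a line to the template such as `# Entries are partial, case-insensitive matches on the parameter name; use a Regexp (e.g. /\Aauth\z/) when an exact match is wanted.` so that the trade-off is visible in every generated app.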