blob: 9c5b6a6b883c0e81d9fe4bbaffe7416fb96db9fd (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
require 'active_support/core_ext/object/blank'
require 'active_support/core_ext/hash/keys'
require 'active_support/core_ext/object/duplicable'
module ActionDispatch
module Http
# Allows you to specify sensitive parameters which will be replaced from
# the request log by looking in the query string of the request and all
# subhashes of the params hash to filter. If a block is given, each key and
# value of the params hash and all subhashes is passed to it, the value
# or key can be replaced using String#replace or similar method.
#
# Examples:
#
# env["action_dispatch.parameter_filter"] = [:password]
# => replaces the value to all keys matching /password/i with "[FILTERED]"
#
# env["action_dispatch.parameter_filter"] = [:foo, "bar"]
# => replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
#
# env["action_dispatch.parameter_filter"] = lambda do |k,v|
# v.reverse! if k =~ /secret/i
# end
# => reverses the value to all keys matching /secret/i
#
module FilterParameters
extend ActiveSupport::Concern
@@parameter_filter_for = {}
# Return a hash of parameters with all sensitive data replaced.
def filtered_parameters
@filtered_parameters ||= parameter_filter.filter(parameters)
end
# Clear any filtered parameters forcing them to be filtered again.
def clear_filtered_parameters
@filtered_parameters = nil
end
# Return a hash of request.env with all sensitive data replaced.
def filtered_env
@filtered_env ||= env_filter.filter(@env)
end
# Reconstructed a path with all sensitive GET parameters replaced.
def filtered_path
@filtered_path ||= query_string.empty? ? path : "#{path}?#{filtered_query_string}"
end
protected
def parameter_filter
parameter_filter_for(@env["action_dispatch.parameter_filter"])
end
def env_filter
parameter_filter_for(Array.wrap(@env["action_dispatch.parameter_filter"]) << /RAW_POST_DATA/)
end
def parameter_filter_for(filters)
@@parameter_filter_for[filters] ||= ParameterFilter.new(filters)
end
KV_RE = '[^&;=]+'
PAIR_RE = %r{(#{KV_RE})=(#{KV_RE})}
def filtered_query_string
query_string.gsub(PAIR_RE) do |_|
parameter_filter.filter([[$1, $2]]).first.join("=")
end
end
end
end
end
|
