Merge branch 'filter-private-token-param' into 'master'

Filter private_token and password_confirmation params from logs. Closes #1770. ``` Started GET "/profile?private_token=[FILTERED]" for 127.0.0.1 at 2015-02-06 22:54:03 +0100 Processing by ProfilesController#show as HTML Parameters: {"private_token"=>"[FILTERED]"} ``` See merge request !1483

Merge branch 'filter-private-token-param' into 'master'
Filter private_token and password_confirmation params from logs. Closes #1770. ``` Started GET "/profile?private_token=[FILTERED]" for 127.0.0.1 at 2015-02-06 22:54:03 +0100 Processing by ProfilesController#show as HTML Parameters: {"private_token"=>"[FILTERED]"} ``` See merge request !1483
2c3fe16f · Dmitriy Zaporozhets · 5bf33f97 · 8d1fa44f · 2c3fe16f
Commit 2c3fe16f authored Feb 07, 2015 by Dmitriy Zaporozhets
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

config/application.rb config/application.rb +1 -1

No files found.
--- a/config/application.rb
+++ b/config/application.rb
@@ -31,7 +31,7 @@ module Gitlab
    config.encoding = "utf-8"

    # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters.push(*[:password])
+    config.filter_parameters.push(:password, :password_confirmation, :private_token)

    # Enable escaping HTML in JSON.
    config.active_support.escape_html_entities_in_json = true