Merge branch 'rs-filter-authentication_token' into 'security'

Add authentication_token to filter_parameters list See merge request !2041

Merge branch 'rs-filter-authentication_token' into 'security'
Add authentication_token to filter_parameters list See merge request !2041
07217fb1 · Douwe Maan · Alejandro Rodriguez · ab95492b · 07217fb1 · 07217fb1
Commit 07217fb1 authored Dec 06, 2016 by Douwe Maan Committed by Alejandro Rodriguez Dec 07, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

config/application.rb config/application.rb +2 -1

config/initializers/sentry.rb config/initializers/sentry.rb +1 -1

No files found.
--- a/config/application.rb
+++ b/config/application.rb
@@ -45,7 +45,7 @@ module Gitlab
    #
    # Parameters filtered:
    # - Password (:password, :password_confirmation)
-    # - Private tokens (:private_token)
+    # - Private tokens (:private_token, :authentication_token)
    # - Two-factor tokens (:otp_attempt)
    # - Repo/Project Import URLs (:import_url)
    # - Build variables (:variables)
@@ -55,6 +55,7 @@ module Gitlab
    # - Sentry DSN (:sentry_dsn)
    # - Deploy keys (:key)
    config.filter_parameters += %i(
+      authentication_token
      certificate
      encrypted_key
      hook

--- a/config/initializers/sentry.rb
+++ b/config/initializers/sentry.rb
@@ -15,7 +15,7 @@ if Rails.env.production?
    Raven.configure do |config|
      config.dsn = current_application_settings.sentry_dsn
      config.release = Gitlab::REVISION
      # Sanitize fields based on those sanitized from Rails.
      config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s)
      # Sanitize authentication headers