Skip to content

G
gitlab-ce
Commit bd0bfdd1 authored by Mark Chao's avatar Mark Chao
Browse files
Options

Redact sensitive information on workhorse log

parent a033faa2
Hide whitespace changes
Inline Side-by-side
Showing with 9 additions and 1 deletion
changelogs/unreleased/security-182-update-workhorse.yml 0 → 100644
View file @ bd0bfdd1
---
title: Redact sensitive information on gitlab-workhorse log
merge_request:
author:
type: security
config/application.rb
View file @ bd0bfdd1
...@@ -97,6 +97,9 @@ module Gitlab ...@@ -97,6 +97,9 @@ module Gitlab
# - Webhook URLs (:hook) # - Webhook URLs (:hook)
# - Sentry DSN (:sentry_dsn) # - Sentry DSN (:sentry_dsn)
# - File content from Web Editor (:content) # - File content from Web Editor (:content)
#
# NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not
# introduce another security vulnerability: https://gitlab.com/gitlab-org/gitlab-workhorse/issues/182
config.filter_parameters += [/token$/, /password/, /secret/, /key$/] config.filter_parameters += [/token$/, /password/, /secret/, /key$/]
config.filter_parameters += %i( config.filter_parameters += %i(
certificate certificate
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7