Q: How do you keep passwords from appearing in plain text in your Rails log file?
filter_parameter_logging
=> Does nothing, just slows the logging process down
filter_parameter_logging :password
=> replaces the value to all keys matching /password/i with "[FILTERED]"
filter_parameter_logging :foo, "bar"
=> replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
filter_parameter_logging { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value to all keys matching /secret/i
filter_parameter_logging(:foo, "bar") { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value to all keys matching /secret/i, and
replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
(Note that :password matches password_confirm too.)
Dude, that’s so 85 days ago.
December 12, 2007 at 11:50 pm
Hey, I searched for “filter password logs” and none of those terms were in the original post!
December 12, 2007 at 11:50 pm