Alex Chaffee's blog
Q: How do you keep passwords from appearing in plain text in your Rails log file?
filter_parameter_logging
=> Does nothing, just slows the logging process down
filter_parameter_logging :password
=> replaces the value to all keys matching /password/i with "[FILTERED]"
filter_parameter_logging :foo, "bar"
=> replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
filter_parameter_logging { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value to all keys matching /secret/i
filter_parameter_logging(:foo, "bar") { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value to all keys matching /secret/i, and
replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
(Note that :password matches password_confirm too.)
(Blabbers who were at the conference, feel free to add your links to this post.)
- Alex's RailsConf2007 Flickr set
- railsconf2007 Flickr tag (notice all the band pix :-) )
- Parker's Flickr Set
- Martin Fowler's bliki post on RailsConf
- Tim Bray on the band
It was fate. A crew of Pivots in Portland on the same weekend as the Extra Action Marching Band We just had to seize the opportunity...
Will they be making an appearance at our Beer Night tonight? You never know...