Rails Filter Parameter Logging

Posted by Alex Chaffee on Wednesday May 30, 2007 at 10:55PM

Q: How do you keep passwords from appearing in plain text in your Rails log file?

A: Filter Parameter Logging

filter_parameter_logging
=> Does nothing, just slows the logging process down

filter_parameter_logging :password
=> replaces the value of every key matching /password/i with "[FILTERED]"

filter_parameter_logging :foo, "bar"
=> replaces the value of every key matching /foo|bar/i with "[FILTERED]"

filter_parameter_logging { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value of every key matching /secret/i

filter_parameter_logging(:foo, "bar") { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value of every key matching /secret/i, and
   replaces the value of every key matching /foo|bar/i with "[FILTERED]"

(Note that :password matches password_confirm too.)
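
The matching rules above, modeled in plain Ruby as an added example (not code from the original post and not Rails' own implementation). `build_log_filter` and the sample params are hypothetical and constructed; recursing into nested hashes is an assumption that goes beyond the cases listed above.

```ruby
FILTERED = "[FILTERED]"

# Hypothetical helper: returns a lambda that builds a log-safe copy of params.
# words: joined into one case-insensitive regex, e.g. (:foo, "bar") -> /foo|bar/i
# block: optional custom filter, called with (key, value) for unmatched keys
def build_log_filter(*words, &block)
  pattern = nil
  unless words.empty?
    source = words.map { |w| Regexp.escape(w.to_s) }.join("|")
    pattern = Regexp.new(source, Regexp::IGNORECASE)
  end

  filter = lambda do |params|
    params.each_with_object({}) do |(key, value), safe|
      if pattern && key.to_s =~ pattern
        safe[key] = FILTERED               # substring match, value replaced whole
      elsif value.is_a?(Hash)
        safe[key] = filter.call(value)     # assumption: nested params are walked
      elsif block
        copy = value.is_a?(String) ? value.dup : value  # keep real params intact
        block.call(key.to_s, copy)
        safe[key] = copy
      else
        safe[key] = value
      end
    end
  end
  filter
end

# Constructed sample request parameters.
SAMPLE_PARAMS = {
  "login"               => "alice",
  "password"            => "hunter2",
  "password_confirm"    => "hunter2",
  "password_reset_sent" => "true",   # not a secret, but the key still matches
  "user"                => { "Password" => "hunter2", "email" => "alice@example.test" },
  "secret_answer"       => "abc"
}

# Same shape as: filter_parameter_logging(:password) { |k,v| ... }
def demo
  build_log_filter(:password) { |k, v| v.reverse! if k =~ /secret/i }.call(SAMPLE_PARAMS)
end

demo.each { |k, v| puts "#{k}: #{v.inspect}" } if __FILE__ == $0
```

The `password_reset_sent` entry shows the other side of the substring match: non-secret fields whose names contain a filter word are hidden from the log too.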

Comments

  1. Dav on May 31, 2007 at 01:51AM

    Dude, that's so 85 days ago.

  2. Alex Chaffee on May 31, 2007 at 08:08PM

    Hey, I searched for "filter password logs" and none of those terms were in the original post!
