gitlab.com/gitlab-org/gitlab-foss.git
author: Cindy Pallares <cindy@gitlab.com> 2018-11-28 21:36:11 +0300
committer: Cindy Pallares <cindy@gitlab.com> 2018-11-29 03:06:30 +0300
commit: 3881285c2b901cfeac58b5e6bdf54ec7bd46612f
tree: cfd90a1e55b2216efb42ac59f308611280a2e95b
parent: 335434ca989ed018f1a1d1d25b3296563d6d19ad

Merge branch 'security-182-update-workhorse' into 'master'

[Master] Redact sensitive information on gitlab-workhorse log

See merge request gitlab/gitlabhq!2584

-rw-r--r-- changelogs/unreleased/security-182-update-workhorse.yml 5
-rw-r--r-- config/application.rb 3
2 files changed, 8 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-182-update-workhorse.yml b/changelogs/unreleased/security-182-update-workhorse.yml
new file mode 100644
index 00000000000..76850901b68
--- /dev/null
+++ b/changelogs/unreleased/security-182-update-workhorse.yml
@@ -0,0 +1,5 @@
+---
+title: Redact sensitive information on gitlab-workhorse log
+merge_request:
+author:
+type: security
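Review bot: `merge_request:` and `author:` are left blank in the new changelog entry, so the entry carries no reference back to the change even though the merge commit names gitlab/gitlabhq!2584. If the blank value is deliberate for security fixes, say so in the commit message; otherwise fill in `merge_request:`. The title "Redact sensitive information on gitlab-workhorse log" also does not say which kind of values are now redacted; naming them would let an administrator reading the changelog judge whether existing gitlab-workhorse logs need to be reviewed or rotated.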
diff --git a/config/application.rb b/config/application.rb
index 5804d8fd27b..63a5b483fc2 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -103,6 +103,9 @@ module Gitlab
# - Webhook URLs (:hook)
# - Sentry DSN (:sentry_dsn)
# - File content from Web Editor (:content)
+ #
+ # NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not
+ # introduce another security vulnerability: https://gitlab.com/gitlab-org/gitlab-workhorse/issues/182
config.filter_parameters += [/token$/, /password/, /secret/, /key$/]
config.filter_parameters += %i(
certificate
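Review bot: The NOTE added above `config.filter_parameters` keeps the Rails and gitlab-workhorse filters in step by convention only: a contributor has to remember to make a second change in another repository, and nothing visible in this hunk checks that it happened. The comment links to the issue but not to the place in gitlab-workhorse where the filter is defined, so the reader still has to find the file to edit; name that location in the comment. It should also state that both the regex line (`/token$/, /password/, /secret/, /key$/`) and the `%i(` list that follows need to be mirrored, since a reader could take "parameters" to mean only the symbol list. A spec, or a single list that both projects consume, that fails when an entry is added here without a workhorse counterpart would turn this reminder into an enforced check.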