diff options
| author | Sean McGivern <sean@gitlab.com> | 2019-07-30 13:07:28 +0300 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2019-07-30 13:07:28 +0300 |
| commit | 08d081ca8e665fe644a00d0054fdede69869290a (patch) | |
| tree | 485facbefb0a7c23af9e454b98a2e6010e0a10fe /config/application.rb | |
| parent | 004b72fe165a38dd97cab1fb531f1094261a4eba (diff) | |
Filter title, description, and body from logs
These can contain sensitive content.
Diffstat (limited to 'config/application.rb')
| -rw-r--r-- | config/application.rb | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/config/application.rb b/config/application.rb index 92240426b5a..449e14a0162 100644 --- a/config/application.rb +++ b/config/application.rb @@ -105,10 +105,23 @@ module Gitlab # - Sentry DSN (:sentry_dsn) # - File content from Web Editor (:content) # - Jira shared secret (:sharedSecret) + # - Titles, bodies, and descriptions for notes, issues, etc. # - # NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not - # introduce another security vulnerability: https://gitlab.com/gitlab-org/gitlab-workhorse/issues/182 - config.filter_parameters += [/token$/, /password/, /secret/, /key$/, /^note$/, /^text$/] + # NOTE: It is **IMPORTANT** to also update labkit's filter when + # adding parameters here to not introduce another security + # vulnerability: + # https://gitlab.com/gitlab-org/labkit/blob/master/mask/matchers.go + config.filter_parameters += [ + /token$/, + /password/, + /secret/, + /key$/, + /^body$/, + /^description$/, + /^note$/, + /^text$/, + /^title$/ + ] config.filter_parameters += %i( certificate encrypted_key |