From 8d3debe4cc964d830a2f21a7e950f143cc9008ca Mon Sep 17 00:00:00 2001
From: Connor Shea <connor.james.shea@gmail.com>
Date: Thu, 28 Apr 2016 12:12:03 -0600
Subject: Add more parameters to the filter_parameters config.

Adds Sentry DSN, Webhooks, Deploy Keys, etc.

Alphabetized the parameters and included line breaks between each parameter. Easier to merge into EE if there are any differences.

This also seems to be the more popular syntax for adding new parameters, from what I can find.
---
 config/application.rb | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

(limited to 'config/application.rb')

diff --git a/config/application.rb b/config/application.rb
index 2e2ed48db07..b602e2b6168 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -32,7 +32,30 @@ module Gitlab
     config.encoding = "utf-8"
 
     # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters.push(:password, :password_confirmation, :private_token, :otp_attempt, :variables, :import_url)
+    # 
+    # Parameters filtered:
+    # - Password (:password, :password_confirmation)
+    # - Private tokens (:private_token)
+    # - Two-factor tokens (:otp_attempt)
+    # - Repo/Project Import URLs (:import_url)
+    # - Build variables (:variables)
+    # - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
+    # - Webhook URLs (:hook)
+    # - Sentry DSN (:sentry_dsn)
+    # - Deploy keys (:key)
+    config.filter_parameters += %i(
+      certificate
+      encrypted_key
+      hook
+      import_url
+      key
+      otp_attempt
+      password
+      password_confirmation
+      private_token
+      sentry_dsn
+      variables
+    )
 
     # Enable escaping HTML in JSON.
     config.active_support.escape_html_entities_in_json = true
-- 
cgit v1.2.3