From e2cc500e4e6b27bd158a84cf7d38768fd28fa642 Mon Sep 17 00:00:00 2001
From: Andrew Newdigate <andrew@gitlab.com>
Date: Thu, 14 Feb 2019 09:25:25 +0200
Subject: Filter note parameters

This change adds `note` to the Rails `filter_parameters` configuration.
---
 config/application.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'config/application.rb')

diff --git a/config/application.rb b/config/application.rb
index 92a3d031c63..49e7f5836e4 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -97,7 +97,7 @@ module Gitlab
     #
     # NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not
     #       introduce another security vulnerability: https://gitlab.com/gitlab-org/gitlab-workhorse/issues/182
-    config.filter_parameters += [/token$/, /password/, /secret/, /key$/]
+    config.filter_parameters += [/token$/, /password/, /secret/, /key$/, /^note$/, /^text$/]
     config.filter_parameters += %i(
       certificate
       encrypted_key
-- 
cgit v1.2.3