Q: How do you keep passwords from appearing in plain text in your Rails log file?
filter_parameter_logging
=> Does nothing, just slows the logging process down
filter_parameter_logging :password
=> replaces the value to all keys matching /password/i with "[FILTERED]"
filter_parameter_logging :foo, "bar"
=> replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
filter_parameter_logging { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value to all keys matching /secret/i
filter_parameter_logging(:foo, "bar") { |k,v| v.reverse! if k =~ /secret/i }
=> reverses the value to all keys matching /secret/i, and
replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
(Note that :password
matches password_confirm
too.)
About the Author