Ben
Reputation: 5182
Rails4 // Protect visibility of parameters
Is it possible, like it is for the "password" parameter in devise for example, to declare other parameters that would need to be hidden from logs ? If possible, how should it be done ?
Upvotes: 0
Views: 26
Answers (1)
raphael_turtle
Reputation: 7314
You add any parameters you want to filter to the file config/initializers/filter_parameter_logging.rb
# Be sure to restart your server when you modify this file.
# Configure sensitive parameters which will be filtered from the log file.
Rails.application.config.filter_parameters += [:password]
password is already filtered so just add any others to the array [:password,:hidden_parameter]
Upvotes: 1
Related Questions
- Permit custom created params in rails
- Is it safe to pass params via hidden tag in Rails 4?
- Strong params and security
- How to pass parameter in Rails routes but protect it from user setting it
- rails 4 use strong_parameter or use protected_attribute with attr_accessible
- Rails Permitting Parameters
- secure params in ruby on rails
- Redundant security by deleting protected params?
- Secure hidden variables in rails?
- How to restrict params Rails passes to an object?