Reputation: 970
In my routes I have a route similar to GET 'check/:secret'.
When I send a request to that route in the logs I see:
Started GET "/check/the-secret-here" for ::1 at 2021-01-14 16:38:01 -0600
...
I want to filter/redact the secret so it looks like:
Started GET "/check/[FILTERED]" for ::1 at 2021-01-14 16:38:01 -0600
...
I'm using Rails 5.1. I've added config.filter_parameters += %i[secret], which does filter the value, but only on POST params.
Upvotes: 3
Views: 554
Reputation: 12550
What you're describing isn't a parameter but part of the URL.
If you're disclosing your secret as part of a URL that could be shared anywhere, it probably won't be as secret as you're expecting, so maybe it's a good idea to change that action to a POST request?
Anyway, if there's any strong reason to keep it that way, the only thing I can see is monkey-patching your Rails instance, specifically ActionDispatch::Http::FilterParameters. So, add in your config/initializers folder:
module ActionDispatch
  module Http
    module FilterParameters
      # Overrides the path Rails writes in the "Started GET ..." log line.
      def filtered_path
        # Keep an eye here adding a really good filtering regex, or potentially
        # you'll filter more than you were expecting
        @filtered_path ||= begin
          # Mask the dynamic segment of the check/:secret route
          secret_path = path.gsub(%r{\A/check/[^/]+}, "/check/[FILTERED]")
          query_string.empty? ? secret_path : "#{secret_path}?#{filtered_query_string}"
        end
      end
    end
  end
end
Upvotes: 2
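An added example, not part of the question or the answer above: a plain-Ruby sketch that derives the redaction from route patterns and the filtered parameter names instead of a hand-written regex, so only the named dynamic segments are masked. The class PathRedactor, its method names and the sample routes are hypothetical; it works on path strings only and assumes the result would be used inside an override like the one in the answer.

```ruby
# Hypothetical helper (not a Rails API): masks named dynamic segments in a path.
class PathRedactor
  MASK = "[FILTERED]"

  # route_patterns: strings such as "/check/:secret"
  # filtered:       parameter names to mask, e.g. %i[secret]
  def initialize(route_patterns, filtered)
    names = filtered.map(&:to_s)
    @rules = route_patterns.map do |pattern|
      sensitive = [] # positions of segments that must be masked
      source = pattern.split("/").reject(&:empty?).each_with_index.map do |seg, i|
        if seg.start_with?(":")
          sensitive << i if names.include?(seg[1..-1])
          "[^/]+" # a dynamic segment never spans a slash
        else
          Regexp.escape(seg) # static segments must match literally
        end
      end.join("/")
      # \A and \z anchor the whole string; ^ and $ would only anchor a line.
      [Regexp.new("\\A/#{source}/?\\z"), sensitive]
    end
  end

  # Returns the path with sensitive segments masked, or the path unchanged
  # when no rule with a sensitive segment matches it.
  def redact(path)
    @rules.each do |regex, sensitive|
      next if sensitive.empty? || !regex.match?(path)
      segments = path.split("/", -1) # index 0 is "" because of the leading slash
      sensitive.each { |i| segments[i + 1] = MASK }
      return segments.join("/")
    end
    path
  end
end

if __FILE__ == $0
  # Constructed sample routes and request paths.
  redactor = PathRedactor.new(["/check/:secret", "/users/:id/tokens/:token"],
                              %i[secret token])
  ["/check/the-secret-here", "/checkout/123", "/users/5/tokens/abc"].each do |p|
    puts %(Started GET "#{redactor.redact(p)}")
  end
end
```

Because the whole path must match a known route pattern, a path such as /checkout/123 is left alone, which addresses the answer's warning about filtering more than expected.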