Allows you to specify sensitive parameters which will be replaced from the request log by looking in the query string of the request and all sub-hashes of the params hash to filter. Filtering only certain sub-keys from a hash is possible by using the dot notation: 'credit_card.number'. If a block is given, each key and value of the params hash and all sub-hashes is passed to it, the value or key can be replaced using String#replace or similar method.
env["action_dispatch.parameter_filter"] = [:password]
=> replaces the value to all keys matching /password/i with "[FILTERED]"
env["action_dispatch.parameter_filter"] = [:foo, "bar"]
=> replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
env["action_dispatch.parameter_filter"] = [ "credit_card.code" ]
=> replaces { credit_card: {code: "xxxx"} } with "[FILTERED]", does not
change { file: { code: "xxxx"} }
env["action_dispatch.parameter_filter"] = -> (k, v) do
v.reverse! if k =~ /secret/i
end
=> reverses the value to all keys matching /secret/i
Methods
- E
- F
- N
- P
Constants
ENV_MATCH | = | [/RAW_POST_DATA/, "rack.request.form_vars"] |
NULL_PARAM_FILTER | = | ParameterFilter.new |
NULL_ENV_FILTER | = | ParameterFilter.new ENV_MATCH |
KV_RE | = | "[^&;=]+" |
PAIR_RE | = | %r{(#{KV_RE})=(#{KV_RE})} |
Class Public methods
new()
Link
Instance Public methods
filtered_env()
Link
Returns a hash of request.env with all sensitive data replaced.
filtered_parameters()
Link
Returns a hash of parameters with all sensitive data replaced.
filtered_path()
Link
Reconstructed a path with all sensitive GET parameters replaced.
Instance Private methods
env_filter()
Link
filtered_query_string()
Link
parameter_filter()
Link