Yeah, we get that too. We don't worry about it though, since the "Routed to" message is logged at the "debug" level, while the "Params" message is logged at the "info" level, and we never log the production servers at "debug" level.
matt On Jan 19, 3:53 pm, NY <[email protected]> wrote: > Thanks matt. It worked for most of the cases, however, one of my apps > shows the log like this: > > merb : worker (port 4042) ~ Routed to: {"action"=>"create_users", > "controller"=>"users", "id" => "test", "password" => "111111"} > merb : worker (port 4042) ~ Params: {"action"=>"create_users", > "controller"=>"users", "id" => "test", "password" => "[FILTERED]"} > > I used the password filter like: > > log_params_filtered :password > > The password was filtered on the Params line but still shown in the > Routed to line. > > Have anybody seen this and had a solution? Thanks. > > On Jan 14, 2:10 pm, mattalbright <[email protected]> wrote: > > > gem install merb-param-protection > > >http://www.merbivore.com/documentation/1.0/doc/rdoc/merb-param-protec... > > > matt > > > On Jan 14, 1:17 pm, NY <[email protected]> wrote: > > > > For example, for a password field on the web page, I want the value of > > > the param to be passed to the controller by using params[:password] in > > > the controller, but I don't want this to show up in the log output > > > like: > > > > Params: {"format"=>nil, "action"=>"show", "id"=>"foo", > > > "controller"=>"users", "password" => "123456"} > > > > Is there an easy way to mask or remove the "password" param from the > > > log output and still be able to use it in the controller? > > > > Thanks.
-- You received this message because you are subscribed to the Google Groups "merb" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/merb?hl=en.
