Hi,

I was thinking of adding log filtering for ActiveJob parameters. I noticed 
in my app that sensitive tokens passed as arguments to AJ were logged and I 
rather not have that. The readme for Devise 
<https://github.com/plataformatec/devise#password-reset-tokens-and-rails-logs> 
also mentions this and suggests raising the log level, which IMO is 
treating the symptom instead of the cause.

With this post I'm hoping to get some guidance regarding implementation. 
Would it be appropriate to reuse the config.filter_parameters array or 
should a new config option be introduced? What would be the best location 
to extract the code from action_dispatch/http/parameter_filter.rb 
<https://github.com/rails/rails/blob/v5.0.0.beta3/actionpack/lib/action_dispatch/http/parameter_filter.rb>
 to 
- or should it be copied to ActiveJob?

Thanks,
Bart

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to rubyonrails-core+unsubscr...@googlegroups.com.
To post to this group, send email to rubyonrails-core@googlegroups.com.
Visit this group at https://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.

Reply via email to