On Mon, Feb 23, 2009 at 8:38 AM, Fernando Perez < [email protected]> wrote:
> > Hi, > > I just noticed that when users register or login to my website (I use > restful_auth), their password gets printed out in the production.log > file. How can I prevent that? I consider this a major security issue. > > SSL is used to prevent eavesdropping and passwords are stored encrypted > in DB by the way, but I never thought about log files. Hi, please remember google is your friend: a) Google is your friend http://www.google.com/search?hl=en&rlz=1G1GGLQ_ENUS307&q=filter+logging+of+password+rails&btnG=Search b) Api Documents is also a good resource http://api.rubyonrails.org Note: If you search for password, you'll also find a reference for ' filter_parameter_logging' Good luck, -Conrad --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
