Commit 437bebb0 authored by Jacob Vosmaer's avatar Jacob Vosmaer

Don't send Private-Token headers to Sentry

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537
parent 5e4418b2
...@@ -5,6 +5,7 @@ v 8.13.0 (unreleased) ...@@ -5,6 +5,7 @@ v 8.13.0 (unreleased)
v 8.12.4 (unreleased) v 8.12.4 (unreleased)
- Set GitLab project exported file permissions to owner only - Set GitLab project exported file permissions to owner only
- Don't send Private-Token (API authentication) headers to Sentry
v 8.12.2 (unreleased) v 8.12.2 (unreleased)
- Fix Import/Export not recognising correctly the imported services. - Fix Import/Export not recognising correctly the imported services.
......
...@@ -233,7 +233,7 @@ gem 'net-ssh', '~> 3.0.1' ...@@ -233,7 +233,7 @@ gem 'net-ssh', '~> 3.0.1'
gem 'base32', '~> 0.3.0' gem 'base32', '~> 0.3.0'
# Sentry integration # Sentry integration
gem 'sentry-raven', '~> 1.1.0' gem 'sentry-raven', '~> 2.0.0'
gem 'premailer-rails', '~> 1.9.0' gem 'premailer-rails', '~> 1.9.0'
......
...@@ -664,8 +664,8 @@ GEM ...@@ -664,8 +664,8 @@ GEM
activesupport (>= 3.1) activesupport (>= 3.1)
select2-rails (3.5.9.3) select2-rails (3.5.9.3)
thor (~> 0.14) thor (~> 0.14)
sentry-raven (1.1.0) sentry-raven (2.0.2)
faraday (>= 0.7.6) faraday (>= 0.7.6, < 0.10.x)
settingslogic (2.0.9) settingslogic (2.0.9)
sexp_processor (4.7.0) sexp_processor (4.7.0)
sham_rack (1.3.6) sham_rack (1.3.6)
...@@ -950,7 +950,7 @@ DEPENDENCIES ...@@ -950,7 +950,7 @@ DEPENDENCIES
sdoc (~> 0.3.20) sdoc (~> 0.3.20)
seed-fu (~> 2.3.5) seed-fu (~> 2.3.5)
select2-rails (~> 3.5.9) select2-rails (~> 3.5.9)
sentry-raven (~> 1.1.0) sentry-raven (~> 2.0.0)
settingslogic (~> 2.0.9) settingslogic (~> 2.0.9)
sham_rack (~> 1.3.6) sham_rack (~> 1.3.6)
shoulda-matchers (~> 2.8.0) shoulda-matchers (~> 2.8.0)
......
...@@ -50,6 +50,7 @@ module Gitlab ...@@ -50,6 +50,7 @@ module Gitlab
# - Build variables (:variables) # - Build variables (:variables)
# - GitLab Pages SSL cert/key info (:certificate, :encrypted_key) # - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
# - Webhook URLs (:hook) # - Webhook URLs (:hook)
# - GitLab-shell secret token (:secret_token)
# - Sentry DSN (:sentry_dsn) # - Sentry DSN (:sentry_dsn)
# - Deploy keys (:key) # - Deploy keys (:key)
config.filter_parameters += %i( config.filter_parameters += %i(
...@@ -62,6 +63,7 @@ module Gitlab ...@@ -62,6 +63,7 @@ module Gitlab
password password
password_confirmation password_confirmation
private_token private_token
secret_token
sentry_dsn sentry_dsn
variables variables
) )
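Review bot: The `secret_token` entry added to `config.filter_parameters`, together with its comment line `# - GitLab-shell secret token (:secret_token)`, is not mentioned in the commit title or in the changelog line, which speak only of Private-Token headers. The Sentry initializer in this same commit builds `sanitize_fields` from this list, so the new entry changes both Rails log filtering and what is scrubbed before events go to Sentry. It deserves its own changelog line, for example `- Filter the GitLab-shell secret_token parameter from logs and Sentry reports`. Part of the `%i(...)` list lies between the two hunks, so I cannot tell whether a broader entry already matched this parameter.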
......
...@@ -18,6 +18,8 @@ if Rails.env.production? ...@@ -18,6 +18,8 @@ if Rails.env.production?
# Sanitize fields based on those sanitized from Rails. # Sanitize fields based on those sanitized from Rails.
config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s) config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s)
# Sanitize authentication headers
config.sanitize_http_headers = %w[Authorization Private-Token]
config.tags = { program: Gitlab::Sentry.program_context } config.tags = { program: Gitlab::Sentry.program_context }
end end
end end
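Review bot: `config.sanitize_http_headers = %w[Authorization Private-Token]` is a fixed list of header names with nothing tying it to the headers the API actually reads for authentication, so a credential header introduced later will reach Sentry unless someone remembers this file. I would extend the comment to say so, e.g. `# Scrub every header that can carry a credential; extend this list whenever a new authentication header is introduced`. A spec that passes an event carrying a Private-Token header through the configured Raven processors and asserts the value is masked would also guard against the header-name matching changing in a later sentry-raven upgrade, which matters because this commit moves to a new major version. The enclosing `if Rails.env.production?` block starts outside the hunk.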
......