Commit c43375dc authored by Stan Hu's avatar Stan Hu

Merge branch 'filter-title-description-and-body-from-logs' into 'master'

Filter title, description, and body from logs

Closes #64460 and #60365

See merge request gitlab-org/gitlab-ce!31274
parents dd7e932c 08d081ca
---
title: Filter title, description, and body parameters from logs
merge_request:
author:
type: changed
......@@ -105,10 +105,23 @@ module Gitlab
# - Sentry DSN (:sentry_dsn)
# - File content from Web Editor (:content)
# - Jira shared secret (:sharedSecret)
# - Titles, bodies, and descriptions for notes, issues, etc.
#
# NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not
# introduce another security vulnerability: https://gitlab.com/gitlab-org/gitlab-workhorse/issues/182
config.filter_parameters += [/token$/, /password/, /secret/, /key$/, /^note$/, /^text$/]
# NOTE: It is **IMPORTANT** to also update labkit's filter when
# adding parameters here to not introduce another security
# vulnerability:
# https://gitlab.com/gitlab-org/labkit/blob/master/mask/matchers.go
config.filter_parameters += [
/token$/,
/password/,
/secret/,
/key$/,
/^body$/,
/^description$/,
/^note$/,
/^text$/,
/^title$/
]
config.filter_parameters += %i(
certificate
encrypted_key
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment