Commit 54e4f6a8 authored by Mark Chao's avatar Mark Chao

Redact sensitive information on workhorse log

parent b28e02a6
title: Redact sensitive information on gitlab-workhorse log
type: security
......@@ -94,6 +94,9 @@ module Gitlab
# - Webhook URLs (:hook)
# - Sentry DSN (:sentry_dsn)
# - File content from Web Editor (:content)
# NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not
# introduce another security vulnerability:
config.filter_parameters += [/token$/, /password/, /secret/, /key$/]
config.filter_parameters += %i(
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment