canvas-lms/lib/logging_filter.rb

module LoggingFilter
  FILTERED_PARAMETERS = [:password, :auth_password, :access_token, :api_key, :client_secret, :fb_sig_friends]
  def self.filtered_parameters
    FILTERED_PARAMETERS
  end

  EXTENDED_FILTERED_PARAMETERS = ["pseudonym[password]", "login[password]"]
  def self.all_filtered_parameters
    FILTERED_PARAMETERS.map(&:to_s) + EXTENDED_FILTERED_PARAMETERS
  end

  def self.filter_uri(uri)
    filter_query_string(uri)
  end

  def self.filter_query_string(qs)
    regs = all_filtered_parameters.map { |p| p.gsub("[", "\\[").gsub("]", "\\]") }.join('|')
    @@filtered_parameters_regex ||= %r{([?&](?:#{regs}))=[^&]+}
    qs.gsub(@@filtered_parameters_regex, '\1=[FILTERED]')
  end

  def self.filter_params(params)
    params.keys.each do |k|
      params[k] = "[FILTERED]" if all_filtered_parameters.include?(k.to_s.downcase)
    end
    params
  end
end
fix logging parameter filtering in rails 3.1+ filter_parameter_logging is deprecated in 3.0 and removed in 3.1 test plan: when logging in, your password should still be filtered from the log file in both rails 2 and rails 3 Change-Id: I697d5a4aca1a7501fe84a52c0097f8ae81074a0a Reviewed-on: https://gerrit.instructure.com/19085 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jacob Fugal <jacob@instructure.com> QA-Review: Clare Hetherington <clare@instructure.com> Product-Review: Brian Palmer <brianp@instructure.com> 2013-03-29 03:59:56 +08:00			`module LoggingFilter`
			`FILTERED_PARAMETERS = [:password, :auth_password, :access_token, :api_key, :client_secret, :fb_sig_friends]`
filter sensitive data from error reports fixes #9700 filter sensitive information from the data that is saved for an error report. also add a few extra fields to the view, such as request_context_id and form parameters. test plan: - make an action with the api that will cause an error report to be generated - go view that error report - it should have your access token filtered out - it should have a request context id field Change-Id: I3c4d0d8002b6f502fdeb9e4dd40f3fd5d51dc04d Reviewed-on: https://gerrit.instructure.com/12625 Reviewed-by: Simon Williams <simon@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> 2012-08-01 01:35:19 +08:00			`def self.filtered_parameters`
			`FILTERED_PARAMETERS`
			`end`

			`EXTENDED_FILTERED_PARAMETERS = ["pseudonym[password]", "login[password]"]`
			`def self.all_filtered_parameters`
			`FILTERED_PARAMETERS.map(&:to_s) + EXTENDED_FILTERED_PARAMETERS`
			`end`

			`def self.filter_uri(uri)`
			`filter_query_string(uri)`
			`end`

			`def self.filter_query_string(qs)`
			`regs = all_filtered_parameters.map { \|p\| p.gsub("[", "\\[").gsub("]", "\\]") }.join('\|')`
			`@@filtered_parameters_regex \|\|= %r{([?&](?:#{regs}))=[^&]+}`
			`qs.gsub(@@filtered_parameters_regex, '\1=[FILTERED]')`
			`end`

			`def self.filter_params(params)`
			`params.keys.each do \|k\|`
			`params[k] = "[FILTERED]" if all_filtered_parameters.include?(k.to_s.downcase)`
			`end`
			`params`
			`end`
			`end`