1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/railties/test
Zhang Kang 180dcd1bfa Configuration item config.filter_parameters could also filter out sensitive value of database column when call #inspect
* Why
Some sensitive data will be exposed in log accidentally by calling `#inspect`, e.g.

```ruby
@account = Account.find params[:id]
payload = { account: @account }
logger.info "payload will be #{ payload }"
```

All the information of `@account` will be exposed in log.

* Solution
Add a class attribute filter_attributes to specify which values of columns shouldn't be exposed.
This attribute equals to `Rails.application.config.filter_parameters` by default.

```ruby
Rails.application.config.filter_parameters += [:credit_card_number]
Account.last.insepct # => #<Account id: 123, credit_card_number: [FILTERED] ...>
```
2018-09-07 09:52:13 +08:00
..
application Configuration item config.filter_parameters could also filter out sensitive value of database column when call #inspect 2018-09-07 09:52:13 +08:00
command Use did_you_mean spell checker for option suggestions 2018-03-23 11:36:03 +02:00
commands Fix rails routes -c for controller name consists of multiple word. 2018-08-20 19:17:40 +09:00
configuration Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
engine Make automatically synchronize test schema work inside engine 2017-10-02 15:50:58 +09:00
fixtures/lib Remove unused fixtures 2017-09-26 07:45:42 +09:00
generators Use canonical name for block local 2018-09-07 07:40:03 +09:00
isolation Merge pull request #33770 from eileencodes/multi-db-improvements-part-3 2018-09-01 09:49:01 -04:00
minitest rubocop single space after assignment 2018-02-19 11:23:47 +05:30
railties Enable Layout/EmptyLinesAroundBlockBody to reduce review cost in the future 2018-07-12 21:29:48 +09:00
test_unit Show rails instead of bin/rails on USAGE instructions 2018-07-06 22:46:54 +02:00
abstract_unit.rb Add credentials using a generic EncryptedConfiguration class (#30067) 2017-09-11 20:21:20 +02:00
app_loader_test.rb Turn on performance based cops 2018-07-23 15:37:06 -07:00
backtrace_cleaner_test.rb Use backtrace cleaner to clean up backtrace for verbose query logs 2018-08-14 09:15:28 +10:00
code_statistics_calculator_test.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
code_statistics_test.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
console_helpers.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
engine_test.rb Use assert_predicate and assert_not_predicate 2018-01-25 23:32:59 -05:00
env_helpers.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
generators_test.rb Remove unnecessary test 2018-06-03 20:53:05 +09:00
initializable_test.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
json_params_parsing_test.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
path_generation_test.rb Add credentials using a generic EncryptedConfiguration class (#30067) 2017-09-11 20:21:20 +02:00
paths_test.rb Use assert_predicate and assert_not_predicate 2018-01-25 23:32:59 -05:00
rack_logger_test.rb Fix test added in #32444 2018-04-06 14:00:13 +03:00
rails_info_controller_test.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00
rails_info_test.rb Replace assert ! with assert_not 2018-04-19 08:11:33 -04:00
secrets_test.rb Deprecate encrypted secrets in favor of credentials. 2017-11-12 17:50:09 +01:00
version_test.rb Adding frozen_string_literal pragma to Railties. 2017-08-14 19:08:09 +02:00