Merge branch 'filter-title-description-and-body-from-logs' into 'master'

Filter title, description, and body from logs Closes #64460 and #60365 See merge request gitlab-org/gitlab-ce!31274
2019-08-08 21:37:10 +00:00 · 2019-08-08 21:37:10 +00:00 · c43375dc87
parent dd7e932c9b 08d081ca8e
commit c43375dc87
2 changed files with 21 additions and 3 deletions
--- a/changelogs/unreleased/filter-title-description-and-body-from-logs.yml
+++ b/changelogs/unreleased/filter-title-description-and-body-from-logs.yml
@ -0,0 +1,5 @@
+---
+title: Filter title, description, and body parameters from logs
+merge_request:
+author:
+type: changed
--- a/config/application.rb
+++ b/config/application.rb
@ -105,10 +105,23 @@ module Gitlab
    # - Sentry DSN (:sentry_dsn)
    # - File content from Web Editor (:content)
    # - Jira shared secret (:sharedSecret)
+    # - Titles, bodies, and descriptions for notes, issues, etc.
    #
-    # NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not
-    #       introduce another security vulnerability: https://gitlab.com/gitlab-org/gitlab-workhorse/issues/182
-    config.filter_parameters += [/token$/, /password/, /secret/, /key$/, /^note$/, /^text$/]
+    # NOTE: It is **IMPORTANT** to also update labkit's filter when
+    #       adding parameters here to not introduce another security
+    #       vulnerability:
+    #       https://gitlab.com/gitlab-org/labkit/blob/master/mask/matchers.go
+    config.filter_parameters += [
+      /token$/,
+      /password/,
+      /secret/,
+      /key$/,
+      /^body$/,
+      /^description$/,
+      /^note$/,
+      /^text$/,
+      /^title$/
+    ]
    config.filter_parameters += %i(
      certificate
      encrypted_key