Filter secret variable values from logs
Right now Project::VariablesController users the `value` parameter to send the secret variable value. `value` is a pretty generic term and could be used in other controllers, but for now it's better to err on the side of caution and filter this out. Closes #43313
This commit is contained in:
Stan Hu
parent
efdde042a3
commit
efbe0768c3
1 changed files with 2 additions and 0 deletions
|
|
@ -69,6 +69,7 @@ module Gitlab
|
|||
# - Webhook URLs (:hook)
|
||||
# - Sentry DSN (:sentry_dsn)
|
||||
# - Deploy keys (:key)
|
||||
# - Secret variable values (:value)
|
||||
config.filter_parameters += [/token$/, /password/, /secret/]
|
||||
config.filter_parameters += %i(
|
||||
certificate
|
||||
|
|
@ -80,6 +81,7 @@ module Gitlab
|
|||
sentry_dsn
|
||||
trace
|
||||
variables
|
||||
value
|
||||
)
|
||||
|
||||
# Enable escaping HTML in JSON.
|
||||
|
|
|
|||
Loading…
Reference in a new issue