rails and security

http://weblog.rubyonrails.org/2006/8/21/filtered-parameter-logging

Regards

MR Damien escribió:

Hi,

I am wondering if there is a way to secure rails application logs ?

My issue is that I discovered that form parameters are shown in clear in
the logs. So when users are authenticating, you see the login and
password in clear

Processing LoginController#index (for xxxxx at 2008-10-16 11:22:43)
[POST]
  Session ID: 8cb95e2e50332added5715eff9e84938
  Parameters:
{"authenticity_token"=>"f2ccf4bf93a1a334e5b3ed227eef84e12fafbbf6",
"action"=>"index", "controller"=>"login", "password"=>"toto",
"login"=>"r386528"}

Is there any way to hide this ?
  

/**
* dagi3d v4 - http://dagi3d.net
*/

Borja Martín wrote:

http://weblog.rubyonrails.org/2006/8/21/filtered-parameter-logging

Regards

That worked, thanks !