如何过滤Rails中的参数? [英] How to filter parameters in rails?

问题描述

Rails内置了日志过滤功能，因此您无需记录密码和信用卡.为此非常有用，但是当您想要触发自定义日志(例如发送电子邮件)并发送您自己的参数或其他数据时，显然不会自动过滤参数.我一直在挖掘并尝试在rails源中找到它，但是到目前为止还没有运气.

Rails has built in log filtering so you don't log passwords and credit cards. Works great for that but when you want to trigger a custom log (like to email) and send your own params or other data along with it, the parameters are obviously not auto-filtered. I have been digging and trying to find this in the rails source but have had no luck so far.

我已经配置了rails来过滤参数，如下所示，它可以正常工作以使数据不进入rails日志中:

I have configured rails to filter parameters as follows and it works properly for keeping the data out of rails logs:

config.filter_parameters += [:password, :password_confirmation, :credit_card]

在将其转储到电子邮件，api调用或自定义(无轨)日志中之前，您如何从params哈希中过滤敏感数据?

How would you filter sensitive data from the params hash before dumping it into an email, api call or custom (non-rails) log?

推荐答案

您始终可以使用except方法:

params.except(:password, :password_confirmation, :credit_card)

这会将它们从列表中排除.要过滤"它们，您可以尝试这种方法.

That will exclude them from the listing. To "filter" them you could try this approach.

这篇关于如何过滤Rails中的参数?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！