如何过滤Rails中的参数? [英] How to filter parameters in rails?
问题描述
Rails内置了日志过滤功能,因此您无需记录密码和信用卡.为此非常有用,但是当您想要触发自定义日志(例如发送电子邮件)并发送您自己的参数或其他数据时,显然不会自动过滤参数.我一直在挖掘并尝试在rails源中找到它,但是到目前为止还没有运气.
Rails has built in log filtering so you don't log passwords and credit cards. Works great for that but when you want to trigger a custom log (like to email) and send your own params or other data along with it, the parameters are obviously not auto-filtered. I have been digging and trying to find this in the rails source but have had no luck so far.
我已经配置了rails来过滤参数,如下所示,它可以正常工作以使数据不进入rails日志中:
I have configured rails to filter parameters as follows and it works properly for keeping the data out of rails logs:
config.filter_parameters += [:password, :password_confirmation, :credit_card]
在将其转储到电子邮件,api调用或自定义(无轨)日志中之前,您如何从params哈希中过滤敏感数据?
How would you filter sensitive data from the params hash before dumping it into an email, api call or custom (non-rails) log?
推荐答案
您始终可以使用except
方法:
params.except(:password, :password_confirmation, :credit_card)
这会将它们从列表中排除.要过滤"它们,您可以尝试这种方法.
That will exclude them from the listing. To "filter" them you could try this approach.
这篇关于如何过滤Rails中的参数?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!