8000 Move filtering to lower level function. by anruban · Pull Request #21 · blacklane/kiev · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Move filtering to lower level function. #21

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 23, 2021
Merged

Move filtering to lower level function. #21

merged 1 commit into from
Jun 23, 2021

Conversation

anruban
Copy link
Contributor
@anruban anruban commented Jun 18, 2021
edited
Loading

Problem
Kiev::Config.filtered_params and Kiev::Config.ignored_params are applied only to the Rack applications. For the rest of engines like Kafka, Sidekiq, Shoryuken, etc, filtering is not applied. This leads to leaking sensitive data.

Solution
Make gem to be applying filters always via adding filtering step to the base method aka event.

@anruban anruban added the wip label Jun 18, 2021
@anruban anruban force-pushed the apply-sensitive-params-filtering-for-all-application-extensions branch from 9c6a3de to 4c8199c Compare June 22, 2021 07:59
@anruban anruban changed the title Move filtering to low level function. Move filtering to lower level function. Jun 22, 2021
@anruban anruban force-pushed the apply-sensitive-params-filtering-for-all-application-extensions branch 3 times, most recently from 457ba5a to 67d761e Compare June 22, 2021 09:22
@anruban anruban requested a review from a user June 22, 2021 09:26
@anruban anruban added enhancement and removed wip labels Jun 22, 2021
@anruban anruban force-pushed the apply-sensitive-params-filtering-for-all-application-extensions branch 2 times, most recently from 429d374 to f5b6c38 Compare June 22, 2021 15:48
ghost
ghost reviewed Jun 22, 2021
View reviewed changes
@anruban anruban force-pushed the apply-sensitive-params-filtering-for-all-application-extensions branch from f5b6c38 to 5956112 Compare June 23, 2021 08:41
@anruban anruban merged commit 8a9e80c into master Jun 23, 2021
@anruban anruban deleted the apply-sensitive-params-filtering-for-all-application-extensions branch June 23, 2021 11:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knizhegorodov knizhegorodov knizhegorodov approved these changes

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anruban @knizhegorodov
0