1. Allan Davis
  2. RubyLearning


RubyLearning / ProjectTrak / vendor / rails / railties / doc / guides / source / actioncontroller_basics / parameter_filtering.txt

== Parameter Filtering ==

Rails keeps a log file for each environment (development, test and production) in the "log" folder. These are extremely useful when debugging what's actually going on in your application, but in a live application you may not want every bit of information to be stored in the log file. The `filter_parameter_logging` method can be used to filter out sensitive information from the log. It works by replacing certain values in the `params` hash with "[FILTERED]" as they are written to the log. As an example, let's see how to filter all parameters with keys that include "password":

[source, ruby]
class ApplicationController < ActionController::Base

  filter_parameter_logging :password


The method works recursively through all levels of the params hash and takes an optional second parameter which is used as the replacement string if present. It can also take a block which receives each key in return and replaces those for which the block returns true.