1. Allan Davis
  2. RubyLearning

Source

RubyLearning / ProjectTrak / vendor / rails / railties / doc / guides / source / actioncontroller_basics / parameter_filtering.txt

== Parameter Filtering ==

Rails keeps a log file for each environment (development, test and production) in the "log" folder. These are extremely useful when debugging what's actually going on in your application, but in a live application you may not want every bit of information to be stored in the log file. The `filter_parameter_logging` method can be used to filter out sensitive information from the log. It works by replacing certain values in the `params` hash with "[FILTERED]" as they are written to the log. As an example, let's see how to filter all parameters with keys that include "password":

[source, ruby]
-------------------------
class ApplicationController < ActionController::Base

  filter_parameter_logging :password

end
-------------------------

The method works recursively through all levels of the params hash and takes an optional second parameter which is used as the replacement string if present. It can also take a block which receives each key in return and replaces those for which the block returns true.