Parameter filtering enhancement in Rails 5

Vijay Kumar Agrawal

By Vijay Kumar Agrawal

on March 7, 2016

This blog is part of our  Rails 5 series.

For security reasons, we do not want sensitive data like passwords, credit card information, auth keys etc to appear in log files.

Rails makes it very easy to filter such data. Just add following line in application.rb to filter sensitive information.

1config.filter_parameters += [:password]

Now the log file will show [FILTERED] instead of real password value.

This replacement of password with [FILTERED] is done recursively.

1{user_name: "john", password: "123"}
2{user: {name: "john", password: "123"}}
3{user: {auth: {id: "john", password: "123"}}}

In all the above cases, "123" would be replaced by "[FILTERED]".

Now think of a situation where we do not want to filter all the occurrence of a key. Here is an example.

1{credit_card: {number: "123456789", code: "999"}}
2{user_preference: {color: {name: "Grey", code: "999999"}}}

We definitely want to filter [:credit_card][:code] but we want [:color][:code] to show up in the log file.

This can be achieved in Rails 5.

The application.rb changes from

1config.filter_parameters += ["code"]


1config.filter_parameters += ["credit_card.code"]

In this case so long as parent of code is credit_card Rails will filter the data.

Stay up to date with our blogs. Sign up for our newsletter.

We write about Ruby on Rails, ReactJS, React Native, remote work,open source, engineering & design.