Steps to reproduce
Rails has the following line in config/environments/production.rb:
# Use the lowest log level to ensure availability of diagnostic information
# when problems arise.
config.log_level = :debug
Here is what's inside the config/initializers/filter_parameter_logging.rb file:
Rails.application.config.filter_parameters += [:password, :_token]
Expected behavior
The problem is that Rails leaks tokens, hashed passwords, and other sensitive details that shouldn't really be in production logs. Using Rails.application.config.filter_parameters only partially solves the problem, since it doesn't filter secrets from SQL queries (only shown when config.log_level = :debug).
I could understand the rationale behind this decision, but some companies use third-party log aggregation tools or simply store logs in S3/Glacier storage, which in turn might expose them to liability under the GDPR.
I think Rails should provide sane defaults out of the box, and having a :debug log level in production is not one of them.
P.S. I can provide logs if you want to see them for yourselves. Heck, I have noticed that even :info leaks some secrets.
System configuration
Rails version: 6.0.0+ (I think 5.2.2 also defaults to :debug in production logs)
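The following script is an added example, not code from this issue or from Rails. It reproduces the two points the report makes without needing the Rails gem: a parameter filter built from [:password, :_token] redacts request params, but it only ever sees hashes, so an ActiveRecord SQL line logged at :debug (with its bind values appended as [["api_token", "..."], ...]) passes through untouched. The ParamFilter class is a simplified stand-in for ActiveSupport::ParameterFilter (plain string/symbol filters only, matched case-insensitively as substrings of the key), SqlBindRedactingFormatter is a hypothetical log formatter of my own, and the params hash and SQL line are constructed samples. Attaching such a formatter to the Rails logger (config.logger) is an assumption about deployment, not something the issue describes.

```ruby
require "logger"
require "stringio"

# Simplified stand-in for ActiveSupport::ParameterFilter (assumption: only
# string/symbol filters, matched case-insensitively as substrings of the key,
# nested hashes filtered recursively). Values of matching keys become
# "[FILTERED]". It operates on hashes only, which is exactly why it never
# touches a SQL log line, which is a plain string.
class ParamFilter
  FILTERED = "[FILTERED]"

  def initialize(filters)
    @pattern = Regexp.new(filters.map { |f| Regexp.escape(f.to_s) }.join("|"), Regexp::IGNORECASE)
  end

  def key_sensitive?(key)
    @pattern.match?(key.to_s)
  end

  def filter(params)
    params.each_with_object({}) do |(key, value), out|
      out[key] = if key_sensitive?(key) then FILTERED
                 elsif value.is_a?(Hash) then filter(value)
                 else value
                 end
    end
  end
end

# Hypothetical formatter (not a Rails API): ActiveRecord's debug-level SQL line
# ends with the bind array, e.g.
#   ... WHERE "users"."api_token" = $1 LIMIT $2  [["api_token", "abc"], ["LIMIT", 1]]
# Each ["name", value] pair whose name matches the filter gets its value redacted.
# Caveat: this only covers binds; adapters that inline literals into the SQL
# text are not helped, so lowering config.log_level remains the real fix.
class SqlBindRedactingFormatter < Logger::Formatter
  BIND = /\["([^"]+)", ("(?:[^"\\]|\\.)*"|[^\]]*)\]/

  def initialize(filter)
    super()
    @filter = filter
  end

  def redact(message)
    message.gsub(BIND) do
      name, value = Regexp.last_match(1), Regexp.last_match(2)
      value = %("#{ParamFilter::FILTERED}") if @filter.key_sensitive?(name)
      %(["#{name}", #{value}])
    end
  end

  def call(severity, time, progname, msg)
    super(severity, time, progname, redact(msg.to_s))
  end
end

# The filter list from the issue's filter_parameter_logging.rb.
FILTER = ParamFilter.new([:password, :_token])

# Constructed sample input: a request params hash and one SQL line in the
# shape ActiveRecord logs at :debug.
SAMPLE_PARAMS = {
  "email" => "a@example.com",
  "password" => "hunter2",
  "user" => { "reset_token" => "t0k3n" }
}.freeze
SAMPLE_SQL = 'User Load (0.3ms)  SELECT "users".* FROM "users" ' \
             'WHERE "users"."api_token" = $1 LIMIT $2  [["api_token", "s3cr3t"], ["LIMIT", 1]]'

# Request params: filter_parameters does its job here.
def filtered_params
  FILTER.filter(SAMPLE_PARAMS)
end

# The same filter list applied to the SQL line's binds via the formatter.
def redacted_sql
  SqlBindRedactingFormatter.new(FILTER).redact(SAMPLE_SQL)
end

# What ends up in the log at a given level. ActiveRecord logs SQL at DEBUG,
# so at Logger::INFO (the level the issue argues production should use) the
# SQL line is never written at all; at DEBUG it is written, redacted.
def log_lines_at(level)
  io = StringIO.new
  logger = Logger.new(io)
  logger.level = level
  logger.formatter = SqlBindRedactingFormatter.new(FILTER)
  logger.debug(SAMPLE_SQL)
  logger.info("Completed 200 OK in 12ms")
  io.string
end

if __FILE__ == $PROGRAM_NAME
  p filtered_params
  puts redacted_sql
  puts "--- at :info ---"
  puts log_lines_at(Logger::INFO)
  puts "--- at :debug ---"
  puts log_lines_at(Logger::DEBUG)
end
```

Running it shows "password" and "reset_token" replaced in the params hash, the api_token bind replaced in the SQL line while the LIMIT bind is kept, and no SQL at all once the logger runs at INFO. The hardened production.rb setting the issue argues for is simply config.log_level = :info; the formatter is a defence-in-depth measure for the cases where :debug is deliberately enabled.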