FIX: Don't sanitize API username so that we can potentially identify the source.

This commit is contained in:
Guo Xiang Tan 2016-08-25 09:15:41 +08:00
parent 5da768b4fe
commit 41a22b8c5a
2 changed files with 1 additions and 2 deletions

View File

@ -103,7 +103,6 @@ module Discourse
:password,
:pop3_polling_password,
:api_key,
:api_username,
:s3_secret_access_key,
:twitter_consumer_secret,
:facebook_app_secret,

View File

@ -49,7 +49,7 @@ class LogAnalyzer
private
def self.sanitize_url(url)
url.gsub(/(api_key|api_username)=([\w.\-]+)/, '\1=[FILTERED]')
url.gsub(/api_key=([\w.\-]+)/, '\1=[FILTERED]')
end
end