edge badge

ParameterFilter allows you to specify keys for sensitive data from hash-like object and replace corresponding value. Filtering only certain sub-keys from a hash is possible by using the dot notation: 'credit_card.number'. If a proc is given, each key and value of a hash and all sub-hashes are passed to it, where the value or the key can be replaced using String#replace or similar methods.

ActiveSupport::ParameterFilter.new([:password])
=> replaces the value to all keys matching /password/i with "[FILTERED]"

ActiveSupport::ParameterFilter.new([:foo, "bar"])
=> replaces the value to all keys matching /foo|bar/i with "[FILTERED]"

ActiveSupport::ParameterFilter.new(["credit_card.code"])
=> replaces { credit_card: {code: "xxxx"} } with "[FILTERED]", does not
change { file: { code: "xxxx"} }

ActiveSupport::ParameterFilter.new([-> (k, v) do
  v.reverse! if /secret/i.match?(k)
end])
=> reverses the value to all keys matching /secret/i
Methods
F
N
Class Public methods
new(filters = [], mask: FILTERED)

Create instance with given filters. Supported type of filters are String, Regexp, and Proc. Other types of filters are treated as String using to_s. For Proc filters, key, value, and optional original hash is passed to block arguments.

Options

  • :mask - A replaced object when filtered. Defaults to +“[FILTERED]”+

# File activesupport/lib/active_support/parameter_filter.rb, line 37
def initialize(filters = [], mask: FILTERED)
  @filters = filters
  @mask = mask
end
Instance Public methods
filter(params)

Mask value of params if key matches one of filters.

# File activesupport/lib/active_support/parameter_filter.rb, line 43
def filter(params)
  compiled_filter.call(params)
end
filter_param(key, value)

Returns filtered value for given key. For Proc filters, third block argument is not populated.

# File activesupport/lib/active_support/parameter_filter.rb, line 48
def filter_param(key, value)
  @filters.empty? ? value : compiled_filter.value_for_key(key, value)
end