Commit 2f80a03

mo <mo.khan@gmail.com>
2018-09-17 00:42:30
do not log client_secret if clients send it in request body.
main
1 parent d5dd755
Changed files (1)
config
initializers
filter_parameter_logging.rb
config/initializers/filter_parameter_logging.rb
@@ -8,5 +8,6 @@ Rails.application.config.filter_parameters += [
   :SAMLRequest,
   :SAMLResponse,
   :authenticity_token,
+  :client_secret,
   :password,
 ]