Patch #43986

closed

Improve the `config.filter_parameters` setting

Added by Julian Hanzlik 21 days ago. Updated 17 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:

Description

While working with the application, I encountered an unexpected error that resulted in the following log entry:


[request-id] ActionView::Template::Error 
[557a2650-c33f-4f3b-8b92-6ba7b9dac904] ActionView::Template::Error (No route matches {:action=>"show", :controller=>"doorkeeper/people", :id=>#<User id: xxx, login: "xxx", hashed_password: [FILTERED],
firstname: "xxx", lastname: "xxx", admin: xxx, status: 1, last_login_on: "xxx", language: "en", auth_source_id: nil, created_on: "xxx", updated_on: "xxx", type: "User", mail_notification: "only_my_events",
salt: "xxx", must_change_passwd: false, passwd_changed_on: "xxx", twofa_scheme: "totp", twofa_totp_key: <KEY_IN_CLEARTEXT>, twofa_totp_last_used_at: xxx, twofa_required: xxx>}):

The log output includes sensitive information, specifically the twofa_totp_key, which is written in plain text. This poses a security risk, as such secrets should never be exposed in application logs.

Expected Behavior

Sensitive attributes such as twofa_totp_key (and similar authentication-related fields) should always be properly filtered or masked in logs.

Actual Behavior

The twofa_totp_key is logged in clear text as part of the serialized User object within the error message.

Impact

This could potentially expose confidential authentication data if logs are accessed by unauthorized parties or stored in insecure locations.

Proposed Fix

I have implemented a fix to filter the sensitive attribute:

diff --git a/config/application.rb b/config/application.rb
index 953fd7616..49dc5e2f7 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -66,7 +66,7 @@ module RedmineApp
     config.encoding = "utf-8" 

     # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters += [:password]
+    config.filter_parameters += [:password, :twofa_totp_key]

     config.action_mailer.perform_deliveries = false

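Review bot: the new entry covers only the one attribute named in the report, while the same serialized User in the error shows `salt: "xxx"`, which this patch leaves unfiltered; Rails matches String and Symbol entries as case-insensitive substrings of the key name (that is why `:password` already masks `hashed_password`), so a regexp such as `/totp/` would also catch any future `twofa_totp_*` column, and `:salt` deserves a look for the same list. The comment on the line above still says the list is filtered "from the log file", but Rails also copies `config.filter_parameters` into `ActiveRecord::Base.filter_attributes`, which is what produces the `[FILTERED]` seen in the record dump; updating that comment would tell the next reader that the list governs `inspect` output of records as well, not only request parameters.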
Additional Notes

It may be worth reviewing other sensitive fields to ensure they are consistently filtered across all logging outputs.
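As an added illustration (not Redmine's code and not part of the report above), the following plain-Ruby script reproduces the matching rule that ActiveSupport::ParameterFilter documents for String and Symbol entries (a key is masked when it contains the entry, case-insensitively; Regexp entries are matched as given) and applies it to a constructed attribute hash shaped like the serialized User in the log. It shows why `:password` alone already masks `hashed_password` but leaves `twofa_totp_key` in the clear, what the patch changes, and that `salt` still leaks unless it is listed too. The helper names, the sample values and the `SECRET_KEYS` list are assumptions made for the example.

```ruby
# Added example, not Redmine's own code. Stand-in for the documented matching
# semantics of ActiveSupport::ParameterFilter, applied to a made-up User hash.

FILTERED = "[FILTERED]".freeze

# One matcher per filter entry: Regexps are used as-is, everything else is
# escaped and matched case-insensitively as a substring of the key name.
def build_matchers(filters)
  filters.map do |f|
    case f
    when Regexp then f
    else Regexp.new(Regexp.escape(f.to_s), Regexp::IGNORECASE)
    end
  end
end

# Return a copy of +attrs+ with the values of matching keys replaced by
# FILTERED. Nested hashes are walked so a serialized association is covered.
def filter_attributes(attrs, filters)
  matchers = build_matchers(filters)
  attrs.each_with_object({}) do |(key, value), out|
    out[key] =
      if matchers.any? { |m| m.match?(key.to_s) }
        FILTERED
      elsif value.is_a?(Hash)
        filter_attributes(value, filters)
      else
        value
      end
  end
end

# Names from +secrets+ whose values would still appear in clear text.
def leaked_keys(attrs, filters, secrets)
  filtered = filter_attributes(attrs, filters)
  secrets.reject { |k| filtered[k] == FILTERED }
end

# Constructed sample (assumption), shaped like the User record in the report.
SAMPLE_USER = {
  id: 42,
  login: "jdoe",
  hashed_password: "not-a-real-hash",
  salt: "not-a-real-salt",
  twofa_scheme: "totp",
  twofa_totp_key: "JBSWY3DPEHPK3PXP", # made-up base32 seed
  twofa_required: false
}.freeze

# Attributes an operator would not want in a log line (assumption).
SECRET_KEYS = [:hashed_password, :salt, :twofa_totp_key].freeze

BEFORE = [:password].freeze                  # config before the patch
AFTER  = [:password, :twofa_totp_key].freeze # config after the patch

if __FILE__ == $0
  [["before", BEFORE], ["after", AFTER], ["after + salt", AFTER + [:salt]]].each do |label, filters|
    puts "#{label}: #{filter_attributes(SAMPLE_USER, filters)}"
    puts "  still in clear text: #{leaked_keys(SAMPLE_USER, filters, SECRET_KEYS)}"
  end
end
```

Run it with `ruby filter_demo.rb`; the `leaked_keys` line is the check worth keeping in a project's own test suite, since it fails the moment a new secret column is added without a matching filter entry.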


Files

43986.patch (469 Bytes) Go MAEDA, 2026-04-23 08:25