Merge branch 'raven-headers' into 'security'

Don't send Private-Token headers to Sentry Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537 This bumps 'raven' (the Ruby gem we use to send errors to Sentry) to version 2.0.2. We need 2.0.0 or newer to be able to sanitize HTTP headers. See merge request !2004
author: Rémy Coutable <remy@gitlab.com> 2016-10-05 09:30:10 +0000
committer: Rémy Coutable <remy@gitlab.com> 2016-10-05 09:30:10 +0000
commit: 3f57ea0c0ba55f2612997acfb531f83a70b73323 (patch)
tree: bd6eaf4bc4fe25d95a9390299fd3b3d44311acef /config/application.rb
parent: 5e4418b23850947752134a04e4e42a1a22c7aac9 (diff)
parent: 437bebb0ff6e7deba6fd157ec6b55112e125731f (diff)
download: gitlab-ce-3f57ea0c0ba55f2612997acfb531f83a70b73323.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/config/application.rb b/config/application.rb
index 4792f6670a8..f5c900da8cf 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -50,6 +50,7 @@ module Gitlab
     # - Build variables (:variables)
     # - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
     # - Webhook URLs (:hook)
+    # - GitLab-shell secret token (:secret_token)
     # - Sentry DSN (:sentry_dsn)
     # - Deploy keys (:key)
     config.filter_parameters += %i(
@@ -62,6 +63,7 @@ module Gitlab
       password
       password_confirmation
       private_token
+      secret_token
       sentry_dsn
       variables
     )
author	Rémy Coutable <remy@gitlab.com>	2016-10-05 09:30:10 +0000
committer	Rémy Coutable <remy@gitlab.com>	2016-10-05 09:30:10 +0000
commit	3f57ea0c0ba55f2612997acfb531f83a70b73323 (patch)
tree	bd6eaf4bc4fe25d95a9390299fd3b3d44311acef /config/application.rb
parent	5e4418b23850947752134a04e4e42a1a22c7aac9 (diff)
parent	437bebb0ff6e7deba6fd157ec6b55112e125731f (diff)
download	gitlab-ce-3f57ea0c0ba55f2612997acfb531f83a70b73323.tar.gz