From 41a22b8c5a3f454be77c6c2626e06161dcd3a38e Mon Sep 17 00:00:00 2001 From: Guo Xiang Tan Date: Thu, 25 Aug 2016 09:15:41 +0800 Subject: [PATCH] FIX: Don't sanitize API username so that we can potentially identify the source. --- config/application.rb | 1 - .../discourse-nginx-performance-report/script/nginx_analyze.rb | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/config/application.rb b/config/application.rb index 9ceaaa719..577d12799 100644 --- a/config/application.rb +++ b/config/application.rb @@ -103,7 +103,6 @@ module Discourse :password, :pop3_polling_password, :api_key, - :api_username, :s3_secret_access_key, :twitter_consumer_secret, :facebook_app_secret, diff --git a/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb b/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb index 29c47279e..b63be1eb7 100644 --- a/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb +++ b/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb @@ -49,7 +49,7 @@ class LogAnalyzer private def self.sanitize_url(url) - url.gsub(/(api_key|api_username)=([\w.\-]+)/, '\1=[FILTERED]') + url.gsub(/api_key=([\w.\-]+)/, '\1=[FILTERED]') end end