Displaying 1 result from an estimated 1 matches for "log_safe_actions".
2006 Feb 07
11
Possible Rails Security Issue?
I have an e-commerce site and users check out with a form. The
results of that form are sent to a "confirm your order" page via
POST. I take great pains to NEVER store the full credit card number
on my server--just the last 4 digits. I was very surprised to find
that by default Rails will record POST requests with parameters in
the production.log. And those parameters