Merge remote-tracking branch 'parent/main' into upstream-20240604

2024-06-04 08:02:05 +09:00 · 2024-06-04 08:02:05 +09:00 · 8927b1444b
commit 8927b1444b
parent 51155d6bd8 d4e094987e
89 changed files with 1132 additions and 458 deletions
--- a/config/initializers/filter_parameter_logging.rb
+++ b/config/initializers/filter_parameter_logging.rb
@ -6,5 +6,5 @@
 # Use this to limit dissemination of sensitive information.
 # See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors.
 Rails.application.config.filter_parameters += [
-  :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+  :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
 ]
--- a/config/initializers/rack_attack_logging.rb
+++ b/config/initializers/rack_attack_logging.rb
@ -3,7 +3,7 @@
 ActiveSupport::Notifications.subscribe(/rack_attack/) do |_name, _start, _finish, _request_id, payload|
  req = payload[:request]

-  next unless [:throttle, :blacklist].include? req.env['rack.attack.match_type']
+  next unless [:throttle, :blocklist].include? req.env['rack.attack.match_type']

  Rails.logger.info("Rate limit hit (#{req.env['rack.attack.match_type']}): #{req.ip} #{req.request_method} #{req.fullpath}")
 end