Skip to content

Do not include sensitive information in the `#inspect`

Manuel van Rijnrequested to merge
manuelvanrijn/oauth2:filter-attributes-with-sensitive-information into main

I'd like to add this functionality to filter out sensitive information because these are exposed when an exception occurs. In my case, I had to manually catch any exception that could occur and send them to an error tracker and noticed that all these attributes were exposed.

Of course, the main problem was that my code resulted in throwing this exception, but to me, it also felt like a good suggestion to filter these attributes so they aren't unintentionally being exposed.

Example:

Before image

After image

Merge request reports