---
title: "Parameter filtering enhancement in Rails 5"
description:
  "Rails 5 enhances parameter filtering of sensitive data appearing in the logs"
canonical_url: "https://www.bigbinary.com/blog/parameter-filtering-enhacement-rails-5"
markdown_url: "https://www.bigbinary.com/blog/parameter-filtering-enhacement-rails-5.md"
---

# Parameter filtering enhancement in Rails 5

Rails 5 enhances parameter filtering of sensitive data appearing in the logs

- Author: Vijay Kumar Agrawal
- Published: March 7, 2016
- Categories: Rails 5, Rails

For security reasons, we do not want sensitive data like passwords, credit card
information, auth keys etc to appear in log files.

Rails makes it very easy to filter such data. Just add following line in
`application.rb` to filter sensitive information.

```ruby
config.filter_parameters += [:password]
```

Now the log file will show `[FILTERED]` instead of real password value.

This replacement of `password` with `[FILTERED]` is done recursively.

```ruby
{user_name: "john", password: "123"}
{user: {name: "john", password: "123"}}
{user: {auth: {id: "john", password: "123"}}}
```

In all the above cases, "123" would be replaced by "[FILTERED]".

Now think of a situation where we do not want to filter all the occurrence of a
key. Here is an example.

```ruby
{credit_card: {number: "123456789", code: "999"}}
{user_preference: {color: {name: "Grey", code: "999999"}}}
```

We definitely want to filter `[:credit_card][:code]` but we want
`[:color][:code]` to show up in the log file.

This [can be achieved in Rails 5](https://github.com/rails/rails/pull/13897).

The application.rb changes from

```ruby
config.filter_parameters += ["code"]
```

to

```ruby
config.filter_parameters += ["credit_card.code"]
```

In this case so long as parent of `code` is `credit_card` Rails will filter the
data.

## Links

- [Human page](https://www.bigbinary.com/blog/parameter-filtering-enhacement-rails-5)