Hi everybody, I stumbled upon this idea today that redirect logs should be filterable, similarily to what happens for parameters. Maybe it's not a very common case, but it may happen that your Rails app performs a redirect to a resource which may be worth to keep secure.
The first thing that comes to my mind are S3 HMAC signed resources. Most of the times those are printed out in HTML, but it may happen to have those resources served by your Rails app via a redirect. What do you think about it? I drafted out a possible solution here: https://github.com/freegenie/rails/commit/953f393c948e73db7fff34a88520b5c51684cce7 Should I open an issue and a pull request for this? Thanks, -f -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-core/-/R0rRmaUO6VcJ. To post to this group, send email to rubyonrails-core@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-core+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.
