Unfiltered Password in Exception Notification

If someone submits a password in a form, and an error triggers
exception_notification, the password is shown in plain-text under
“rack.request.form_vars” (even though params is filtered properly).
Using Rails 2.3.


This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs