Saturday, March 16, 2019
It varies on each request https://medium.com/rubyinside/a-deep-dive-into-csrf-protection-in-rails-19fa0a42c0ef
On Sat, Mar 16, 2019 at 2:19 AM 0x01 <mansur.mustafayev@gmail.com> wrote:
I do use Heroku and pipe logs to Papertrail (log aggregation service). Also, logs are stored in Amazon S3 for some time.--If these logs get compromised, can these tokens be used again (i.e. are these tokens reusable?)Thanks.
пятница, 15 марта 2019 г., 23:08:48 UTC+4 пользователь Joe Guerra написал:Where are your logs located?
On Friday, March 15, 2019 at 2:54:51 PM UTC-4, 0x01 wrote:Is there a danger in leaking authenticity_token in logs? To put it differently: should I filter them out from logs?
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/e8137c7f-e3c8-4fe8-8115-4c290ae68dc1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAJ6MPz%2Bg4KhDJUGo-_31dyUyVnPXGn6UkeAc%3DMtv3adDnpSwSw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment