Merge pull request #4417 from tgxworld/api_username_is_useful

FIX: Don't sanitize API username so that we can potentially identify …
2016-08-29 16:07:48 +08:00 · 2016-08-29 16:07:48 +08:00 · 70a1d8bce8
parent dfcbaf66d3 41a22b8c5a
commit 70a1d8bce8
2 changed files with 1 additions and 2 deletions
--- a/config/application.rb
+++ b/config/application.rb
@ -103,7 +103,6 @@ module Discourse
        :password,
        :pop3_polling_password,
        :api_key,
-        :api_username,
        :s3_secret_access_key,
        :twitter_consumer_secret,
        :facebook_app_secret,
--- a/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb
+++ b/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb
@ -49,7 +49,7 @@ class LogAnalyzer
    private

    def self.sanitize_url(url)
-      url.gsub(/(api_key|api_username)=([\w.\-]+)/, '\1=[FILTERED]')
+      url.gsub(/api_key=([\w.\-]+)/, '\1=[FILTERED]')
    end
  end