lib/action_dispatch/http/parameter_filter.rb
module ActionDispatch module Http class ParameterFilter def initialize(filters) @filters = filters end def filter(params) if enabled? compiled_filter.call(params) else params.dup end end private def enabled? @filters.present? end FILTERED = '[FILTERED]'.freeze def compiled_filter @compiled_filter ||= begin regexps, blocks = compile_filter lambda do |original_params| filtered_params = {} original_params.each do |key, value| if regexps.find { |r| key =~ r } value = FILTERED elsif value.is_a?(Hash) value = filter(value) elsif value.is_a?(Array) value = value.map { |v| v.is_a?(Hash) ? filter(v) : v } elsif blocks.present? key = key.dup value = value.dup if value.duplicable? blocks.each { |b| b.call(key, value) } end filtered_params[key] = value end filtered_params end end end def compile_filter strings, regexps, blocks = [], [], [] @filters.each do |item| case item when NilClass when Proc blocks << item when Regexp regexps << item else strings << item.to_s end end regexps << Regexp.new(strings.join('|'), true) unless strings.empty? [regexps, blocks] end end end end