There are similar questions like this, this, and this.
None help because the goal is to prevent logging of long parameters within a specific action instead of using config.filter_parameters. Also the answer must work for Rails 3.2.x while many answers are based on Rails 5.
One answer suggests calling request.filtered_parameters inside the controller method, but calling request.filtered_parameters.delete :long_param did not stop :long_param from getting logged.
config.filter_parameters takes a lambda function, so you can filter whatever you want. See answers here and here.
If you only want to filter long arguments for a specific action, well, you are making your life unnecessarily complicated. Either filter all long parameters, using your lambda to set a limit on parameter value length, or change the parameter key of the action you want to filter so that it is unique and and then just filter by that key.
This can be achieved with a little help from Middleware filter
Create new file app/middleware/filter_long_params.rb
class FilterLongParams
def initialize(app, long_params = [])
@app = app
@long_params = long_params
end
def call(env)
env["action_dispatch.parameter_filter"] += @long_params unless @long_params.empty?
status, headers, response = @app.call(env)
[status, headers, response]
end
end
Then add to your controller
class YourController
use FilterLongParams, [:long_param_to_be_filtered], only: :update
end
First parameter of use is the name of Middleware class, second parameter should be the array of parameters you want to be filtered, and third may be the usual scope of controller actions.
If Rails 3.2 don't autoload app/middleware path, use app/controllers instead.
