Tags: ruby, logging, sinatra, rack

How to filter sensitive information when logging with Sinatra and Rack Logger


I maintain a Sinatra app that acts as a JSON API service. The API is consumed by another web app, as well as a mobile app.

I'd like to have Rack::CommonLogger exclude sensitive information, like a password, from its logs. Rails has this setting enabled, but I have found no documentation on how to do this in Sinatra.


Solution

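  • You can try to intercept the call to write and filter out sensitive messages like so:

    require 'logger'

    logger = Logger.new("my_common.log")
    # Rack::CommonLogger calls #write when the logger responds to it, so
    # define it on this one instance and skip lines matching the pattern.
    logger.instance_eval do
      def write(msg)
        self << msg unless msg.match?(/SUPER SENSITIVE INFO HERE/)
      end
    end

    Then, configure Rack::CommonLogger to use this instance of the logger:

    # Sinatra and config.ru register middleware with `use`;
    # `config.middleware.use` is the Rails form.
    use Rack::CommonLogger, logger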
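The filter in the answer drops every access-log line that matches, which also removes the audit record for that request. The following is an added example, not part of the original answer: it keeps the line and masks only the values of sensitive query parameters, since Rack::CommonLogger writes the path and query string but not the request body. The class name `RedactingLogger`, the default key list and the sample log lines are assumptions constructed for illustration.

```ruby
require 'logger'
require 'stringio'

# Hypothetical wrapper (not part of Rack or Sinatra): masks the values of
# sensitive query parameters instead of discarding the whole log line.
class RedactingLogger
  MASK = '[FILTERED]'

  def initialize(io, keys: %w[password token secret api_key])
    @logger = Logger.new(io)
    names = keys.map { |k| Regexp.escape(k) }.join('|')
    # Match key=value right after ?, & or ; and stop at the next separator,
    # whitespace or quote (CommonLogger quotes the request line).
    # Limitation: percent-encoded or nested keys (user%5Bpassword%5D) are missed.
    @pattern = /(?<=[?&;])(#{names})=[^&;\s"]*/i
  end

  def redact(msg)
    msg.gsub(@pattern) { "#{Regexp.last_match(1)}=#{MASK}" }
  end

  # Rack::CommonLogger hands the finished line to #write when it exists.
  def write(msg)
    @logger << redact(msg)
  end
  alias_method :<<, :write
end

# Constructed sample lines in Rack::CommonLogger's output format.
SAMPLE = [
  %(127.0.0.1 - - [10/Oct/2023:13:55:36 +0000] "GET /login?user=bob&password=hunter2 HTTP/1.1" 200 12 0.0031\n),
  %(127.0.0.1 - - [10/Oct/2023:13:55:37 +0000] "GET /items?page=2 HTTP/1.1" 200 512 0.0010\n),
  %(127.0.0.1 - - [10/Oct/2023:13:55:38 +0000] "POST /reset?token=abc123&next=%2Fhome HTTP/1.1" 302 - 0.0042\n)
].freeze

# Runs the sample lines through the wrapper and returns what was logged.
def demo
  out = StringIO.new
  log = RedactingLogger.new(out)
  SAMPLE.each { |line| log.write(line) }
  out.string
end

puts demo if __FILE__ == $PROGRAM_NAME
```

An instance can be passed to the middleware in place of the plain logger, for example `use Rack::CommonLogger, RedactingLogger.new("my_common.log")`.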