[ActionCable] No way to filter out any sensitive data which may be passed as an argument to the remote procedure over ws protocol..

[Anuragjain89]

Steps to reproduce

Just followed the action cable demo from DHH on rails homepage.

You would notice that whenever the RoomChannel#speak is invoked over websocket protocol, the server logs show the arguments which are passed.

RoomChannel#speak({"message"=>"test"})

For HTTP requests, we have filter_parameters to filter out any sensitive data from the logs.
However, for these RPCs, I could not find any way to filter out any sensitive data which may be passed as an argument to the remote procedure.

Expected behavior

I expected some mechanism to filter out logs for any arbitrary arguments which are passed over ws protocol.

Actual behavior

I could not find a way to filter out logs for data transmitted over ws protocol.
Please advise if this behavior is on purpose.

Below is the related code which I am referring to

#actioncable-5.0.0.rc1/lib/action_cable/channel/base.rb
def dispatch_action(action, data)
  # What if we do not want this to be logged.
  logger.info action_signature(action, data)

  if method(action).arity == 1
    public_send action, data
  else
    public_send action
  end
end

def action_signature(action, data)
  "#{self.class.name}##{action}".tap do |signature|
    if (arguments = data.except('action')).any?
      signature << "(#{arguments.inspect})"
    end
  end
end

System configuration

Rails version: 5.0.0.rc1

Ruby version: ruby 2.2.4p230 (2015-12-16 revision 53155) [x86_64-linux]

[maclover7]

Hmm, we should be able to just include the proper module from ActionDispatch. Looking into this.

---

after more investigation...

So, hmm. this is going to be slightly difficult to solve, given that when messages are being process by Action Cable, the "data/params" is a Hash, and not an actual request object of any type. This means that parameters and others things are not filtered out. We might need to increase allocations and create ActionDispatch::Request objects, or opt for a more lightweight ActionCable::Payload / ActionCable::Request / whatever, to be able to filter out parameters.

[maclover7]

Opened #25090.

[mulander]

I would like to add, that apart from filtering it would be extremely nice to be able to disable logging completely for selected channels (to avoid log spam from extremely chatty connections whose payload or the fact that a transmission happened is not interesting).

In essence, I would rather disable logging for RoomChannel than have it filled with
useless information.

RoomChannel#speak({"message"=>"{filtered}"})
RoomChannel#speak({"message"=>"{filtered}"})
RoomChannel#speak({"message"=>"{filtered}"})

I have a real world use-case in our product, where automation generates some actioncable chatter that is of no benefit and just fills the logs.

EDIT:

Here is the cleanest (imho) workaround to silence the logging of a specific action.

Override perform_action in your channel wrapping the call to the overwritten method with a Rails.logger.silence.

class RoomChannel < ApplicationCable::Channel                                                                
  def perform_action(data)                                                                                      
    Rails.logger.silence do                                                                                     
      super(data)                                                                                               
    end                                                                                                         
  end 

if you need to squelch only specific actions, you can extract the action from the data and silence based on it's value. The below example will squelch all logging from the :speak action but leave others logged as usual.

class RoomChannel < ApplicationCable::Channel                                                                
  def perform_action(data)
    action = extract_action(data)
    if action == :speak                                                                                      
      Rails.logger.silence do                                                                                     
        super(data)                                                                                               
      end
     else
       super(data)
     end                                                                                                         
  end 

regardless of the above, it still would be nice to have a nicer way to selectively disable the logging.

[dillonwelch]

@Anuragjain89 since ActionCable and Rails 5 has been live for a long time now, can you check and see if this concern has been fixed in the releases since RC1?

[Anuragjain89]

@oniofchaos
There's an open PR for the same where one may find some of the ways (not necessarily the best ways, but still, it gets the work done) of addressing this.

[anle1337]

that PR is closed

[mahfuz-r]

This is how I am filtering specific field from dispatch_action method.

Method 1: for all channel

• I created a config/initializers/actioncable.rb, and
• Override the dispatch_action method

Note: Restart server after adding this code

# config/initializers/actioncable.rb

ActionCable::Channel::Base.class_eval do
  def dispatch_action(action, data)
    # logger.info action_signature(action, data)
   
    # .......... filter data start ..........
    filtered_data = data
    filtered_data['audio_ch'] = '{filtered}' if filtered_data['audio_ch'].present?
    logger.info action_signature(action, filtered_data)
    # .......... ./filter data end ..........

    if method(action).arity == 1
      public_send action, data
    else
      public_send action
    end
  rescue Exception => exception
    rescue_with_handler(exception) || raise
  end
end

Method 2: for specific channel

This monkey patch works in specific channel.

# app/channels/app_online_channel.rb

class AppOnlineChannel < ApplicationCable::Channel
  def dispatch_action(action, data)
     # logger.info action_signature(action, data)
   
     # .......... filter data start ..........
     filtered_data = data
     filtered_data['audio_ch'] = '{filtered}' if filtered_data['audio_ch'].present?
     logger.info action_signature(action, filtered_data)
     # .......... ./filter data end ..........

     if method(action).arity == 1
       public_send action, data
     else
       public_send action
     end
   rescue Exception => exception
     rescue_with_handler(exception) || raise
   end