From 95285cd85aea555b69aa122297e57dd17c18d8eb Mon Sep 17 00:00:00 2001
From: Matteo Pagliazzi <matteopagliazzi@gmail.com>
Date: Thu, 20 Jul 2017 15:07:38 +0200
Subject: [PATCH] do not send password to loggly (#8887)

---
 website/server/middlewares/errorHandler.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/server/middlewares/errorHandler.js b/website/server/middlewares/errorHandler.js
index a42251fd7d..fe1fac5d11 100644
--- a/website/server/middlewares/errorHandler.js
+++ b/website/server/middlewares/errorHandler.js
@@ -68,7 +68,7 @@ module.exports = function errorHandler (err, req, res, next) { // eslint-disable
   logger.error(err, {
     method: req.method,
     originalUrl: req.originalUrl,
-    headers: omit(req.headers, ['x-api-key', 'cookie']), // don't send sensitive information that only adds noise
+    headers: omit(req.headers, ['x-api-key', 'cookie', 'password', 'confirmPassword']), // don't send sensitive information that only adds noise
     body: req.body,
     httpCode: responseErr.httpCode,
     isHandledError: responseErr.httpCode < 500,