Use config.filter_parameters on in-browser request dump. [#4335 state:resolved]

actionpack/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb

@@ -6,7 +6,7 @@
 <% end %>
 
 <%
-  clean_params = @request.parameters.clone
+  clean_params = @request.filtered_parameters.clone
   clean_params.delete("action")
   clean_params.delete("controller")
 

actionpack/test/dispatch/show_exceptions_test.rb

@@ -106,4 +106,13 @@ class ShowExceptionsTest < ActionController::IntegrationTest
     assert_response 405
     assert_match /ActionController::MethodNotAllowed/, body
   end
+
+  test "does not show filtered parameters" do
+    @app = DevelopmentApp
+
+    get "/", {"foo"=>"bar"}, {'action_dispatch.show_exceptions' => true,
+      'action_dispatch.parameter_filter' => [:foo]}
+    assert_response 500
+    assert_match "&quot;foo&quot;=&gt;&quot;[FILTERED]&quot;", body
+  end
 end