airbrake 4.2.1 → 4.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG +17 -0
- data/lib/airbrake/configuration.rb +8 -1
- data/lib/airbrake/notice.rb +12 -6
- data/lib/airbrake/rails.rb +10 -5
- data/lib/airbrake/utils/params_cleaner.rb +28 -9
- data/lib/airbrake/utils/rack_filters.rb +1 -0
- data/lib/airbrake/version.rb +1 -1
- data/resources/notice.xml +1 -2
- data/test/configuration_test.rb +2 -0
- data/test/params_cleaner_test.rb +76 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 263adc28e090f9a33efbaa8aa900f22efdc2ea28
|
|
4
|
+
data.tar.gz: 4a37838933f29cccc424a2baabc28eee944266d8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8aff408c99a47db54ec2228221bded5cd3f9c61e0d48154169c3f267f55e3e979ebd55a073050a69cd7eb68a7bcc867dfa5492cdccff2e1b482d863387ae8de5
|
|
7
|
+
data.tar.gz: cac67835090c5aee3d48a00cdeefff764ece2785cf7e1b8880569ba3a9cf316e473af1182e4fbcffed990dce7a01e46916342e43d64598c3146b7b35093219db
|
data/CHANGELOG
CHANGED
|
@@ -1,3 +1,19 @@
|
|
|
1
|
+
Version 4.3.0 - 2015-06-23 19:36:10 -0500
|
|
2
|
+
===============================================================================
|
|
3
|
+
|
|
4
|
+
Omer Gazit (1):
|
|
5
|
+
Add ability to define whitelist filters for parameters
|
|
6
|
+
|
|
7
|
+
shifi (7):
|
|
8
|
+
use top level namespace and stay compatible with Rails 2.x - fixes #388
|
|
9
|
+
update to match new changes
|
|
10
|
+
support whitelist and blacklist approach for params filters and support nested filter arrays
|
|
11
|
+
add more tests for params cleaner
|
|
12
|
+
Merge branch 'feature/whitelist-params-filters'
|
|
13
|
+
add HTTP_AUTHORIZATION to rack filters
|
|
14
|
+
make sure we remove all sensitive rack vars
|
|
15
|
+
|
|
16
|
+
|
|
1
17
|
Version 4.2.1 - 2015-06-01 22:12:49 -0500
|
|
2
18
|
===============================================================================
|
|
3
19
|
|
|
@@ -1543,5 +1559,6 @@ Nick Quaranto (3):
|
|
|
1543
1559
|
|
|
1544
1560
|
|
|
1545
1561
|
|
|
1562
|
+
|
|
1546
1563
|
|
|
1547
1564
|
|
|
@@ -6,7 +6,7 @@ module Airbrake
|
|
|
6
6
|
:development_lookup, :environment_name, :host,
|
|
7
7
|
:http_open_timeout, :http_read_timeout, :ignore, :ignore_by_filters,
|
|
8
8
|
:ignore_user_agent, :notifier_name, :notifier_url, :notifier_version,
|
|
9
|
-
:params_filters, :project_root, :port, :protocol, :proxy_host,
|
|
9
|
+
:params_filters, :params_whitelist_filters, :project_root, :port, :protocol, :proxy_host,
|
|
10
10
|
:proxy_pass, :proxy_port, :proxy_user, :secure, :use_system_ssl_cert_chain,
|
|
11
11
|
:framework, :user_information, :rescue_rake_exceptions, :rake_environment_filters,
|
|
12
12
|
:test_mode].freeze
|
|
@@ -49,6 +49,11 @@ module Airbrake
|
|
|
49
49
|
# By default, all "password" attributes will have their contents replaced.
|
|
50
50
|
attr_accessor :params_filters
|
|
51
51
|
|
|
52
|
+
# A list of whitelisted parameters that will be sent to Airbrake.
|
|
53
|
+
# All other parameters will be filtered and their content replaced.
|
|
54
|
+
# By default this list is empty (all parameters are whitelisted).
|
|
55
|
+
attr_accessor :params_whitelist_filters
|
|
56
|
+
|
|
52
57
|
# A list of filters for cleaning and pruning the backtrace. See #filter_backtrace.
|
|
53
58
|
attr_reader :backtrace_filters
|
|
54
59
|
|
|
@@ -115,6 +120,7 @@ module Airbrake
|
|
|
115
120
|
alias_method :test_mode?, :test_mode
|
|
116
121
|
|
|
117
122
|
DEFAULT_PARAMS_FILTERS = %w(password password_confirmation).freeze
|
|
123
|
+
DEFAULT_PARAMS_WHITELIST_FILTERS = [].freeze
|
|
118
124
|
|
|
119
125
|
DEFAULT_USER_ATTRIBUTES = %w(id).freeze
|
|
120
126
|
|
|
@@ -157,6 +163,7 @@ module Airbrake
|
|
|
157
163
|
@http_open_timeout = 2
|
|
158
164
|
@http_read_timeout = 5
|
|
159
165
|
@params_filters = DEFAULT_PARAMS_FILTERS.dup
|
|
166
|
+
@params_whitelist_filters = DEFAULT_PARAMS_WHITELIST_FILTERS.dup
|
|
160
167
|
@backtrace_filters = DEFAULT_BACKTRACE_FILTERS.dup
|
|
161
168
|
@ignore_by_filters = [] # These filters are applied to both server requests and Rake tasks
|
|
162
169
|
@ignore = IGNORE_DEFAULT.dup
|
data/lib/airbrake/notice.rb
CHANGED
|
@@ -47,6 +47,9 @@ module Airbrake
|
|
|
47
47
|
# See Configuration#params_filters
|
|
48
48
|
attr_reader :params_filters
|
|
49
49
|
|
|
50
|
+
# See Configuration#params_whitelist_filters
|
|
51
|
+
attr_reader :params_whitelist_filters
|
|
52
|
+
|
|
50
53
|
# A hash of parameters from the query string or post body.
|
|
51
54
|
attr_reader :parameters
|
|
52
55
|
alias_method :params, :parameters
|
|
@@ -104,10 +107,12 @@ module Airbrake
|
|
|
104
107
|
@notifier_version = args[:notifier_version]
|
|
105
108
|
@notifier_url = args[:notifier_url]
|
|
106
109
|
|
|
107
|
-
@ignore
|
|
108
|
-
@ignore_by_filters
|
|
109
|
-
@backtrace_filters
|
|
110
|
-
@params_filters
|
|
110
|
+
@ignore = args[:ignore] || []
|
|
111
|
+
@ignore_by_filters = args[:ignore_by_filters] || []
|
|
112
|
+
@backtrace_filters = args[:backtrace_filters] || []
|
|
113
|
+
@params_filters = args[:params_filters] || []
|
|
114
|
+
@params_whitelist_filters = args[:params_whitelist_filters] || []
|
|
115
|
+
|
|
111
116
|
@parameters = args[:parameters] ||
|
|
112
117
|
action_dispatch_params ||
|
|
113
118
|
rack_env(:params) ||
|
|
@@ -130,8 +135,9 @@ module Airbrake
|
|
|
130
135
|
also_use_rack_params_filters
|
|
131
136
|
find_session_data
|
|
132
137
|
|
|
133
|
-
@cleaner = args[:cleaner] ||
|
|
134
|
-
Airbrake::Utils::ParamsCleaner.new(:
|
|
138
|
+
@cleaner = args[:cleaner] ||
|
|
139
|
+
Airbrake::Utils::ParamsCleaner.new(:blacklist_filters => params_filters,
|
|
140
|
+
:whitelist_filters => params_whitelist_filters,
|
|
135
141
|
:to_clean => data_to_clean)
|
|
136
142
|
|
|
137
143
|
clean_data!
|
data/lib/airbrake/rails.rb
CHANGED
|
@@ -19,12 +19,17 @@ module Airbrake
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
if defined?(::Rails.configuration) && ::Rails.configuration.respond_to?(:middleware)
|
|
22
|
-
if defined?(ActionController::Failsafe)
|
|
23
|
-
::Rails.configuration.middleware
|
|
24
|
-
|
|
22
|
+
if defined?(::ActionController::Failsafe)
|
|
23
|
+
::Rails.configuration.middleware.insert_after 'ActionController::Failsafe',
|
|
24
|
+
Airbrake::Rack
|
|
25
|
+
end
|
|
26
|
+
if defined?(::Rack::Lock)
|
|
27
|
+
::Rails.configuration.middleware.insert_after 'Rack::Lock',
|
|
28
|
+
Airbrake::UserInformer
|
|
29
|
+
else
|
|
30
|
+
::Rails.configuration.middleware.insert_before 'Rack::Runtime',
|
|
31
|
+
Airbrake::UserInformer
|
|
25
32
|
end
|
|
26
|
-
::Rails.configuration.middleware
|
|
27
|
-
.insert_before 'Rack::Runtime', Airbrake::UserInformer
|
|
28
33
|
end
|
|
29
34
|
|
|
30
35
|
Airbrake.configure(true) do |config|
|
|
@@ -1,18 +1,22 @@
|
|
|
1
1
|
module Airbrake
|
|
2
2
|
module Utils
|
|
3
3
|
class ParamsCleaner
|
|
4
|
-
attr_writer :
|
|
4
|
+
attr_writer :blacklist_filters, :whitelist_filters, :to_clean
|
|
5
5
|
attr_reader :parameters, :cgi_data, :session_data
|
|
6
6
|
|
|
7
7
|
# Public: Initialize a new Airbrake::Utils::ParamsCleaner
|
|
8
8
|
#
|
|
9
9
|
# opts - The Hash options that contain filters and params (default: {}):
|
|
10
|
-
# :
|
|
10
|
+
# :blacklist_filters - The Array of param keys that should be filtered
|
|
11
|
+
# :whitelist_filters - The Array of param keys that shouldn't be filtered
|
|
11
12
|
# :to_clean - The Hash of unfiltered params
|
|
13
|
+
# :blacklist_filters take precedence over the :whitelist_filters
|
|
12
14
|
def initialize(opts = {})
|
|
13
|
-
@
|
|
14
|
-
@
|
|
15
|
-
@
|
|
15
|
+
@blacklist_filters = (opts[:blacklist_filters] || []).flatten
|
|
16
|
+
@blacklist_filters.map!{|f| f.is_a?(Symbol) ? f.to_s : f }
|
|
17
|
+
@whitelist_filters = (opts[:whitelist_filters] || []).flatten
|
|
18
|
+
@whitelist_filters.map!{|f| f.is_a?(Symbol) ? f.to_s : f }
|
|
19
|
+
@to_clean = opts[:to_clean]
|
|
16
20
|
end
|
|
17
21
|
|
|
18
22
|
# Public: Takes the params to_clean passed in an initializer
|
|
@@ -36,7 +40,7 @@ module Airbrake
|
|
|
36
40
|
def clean_parameters
|
|
37
41
|
return unless @to_clean[:parameters]
|
|
38
42
|
|
|
39
|
-
@parameters = if
|
|
43
|
+
@parameters = if any_filters?
|
|
40
44
|
filter(clean_unserializable_data(@to_clean[:parameters]))
|
|
41
45
|
else
|
|
42
46
|
clean_unserializable_data(@to_clean[:parameters])
|
|
@@ -46,7 +50,7 @@ module Airbrake
|
|
|
46
50
|
def clean_cgi_data
|
|
47
51
|
return unless @to_clean[:cgi_data]
|
|
48
52
|
|
|
49
|
-
@cgi_data = if
|
|
53
|
+
@cgi_data = if any_filters?
|
|
50
54
|
filter(clean_unserializable_data(@to_clean[:cgi_data]))
|
|
51
55
|
else
|
|
52
56
|
clean_unserializable_data(@to_clean[:cgi_data])
|
|
@@ -56,7 +60,7 @@ module Airbrake
|
|
|
56
60
|
def clean_session_data
|
|
57
61
|
return unless @to_clean[:session_data]
|
|
58
62
|
|
|
59
|
-
@session_data = if
|
|
63
|
+
@session_data = if any_filters?
|
|
60
64
|
filter(clean_unserializable_data(@to_clean[:session_data]))
|
|
61
65
|
else
|
|
62
66
|
clean_unserializable_data(@to_clean[:session_data])
|
|
@@ -71,8 +75,23 @@ module Airbrake
|
|
|
71
75
|
end
|
|
72
76
|
end
|
|
73
77
|
|
|
78
|
+
def any_filters?
|
|
79
|
+
@blacklist_filters.any? || @whitelist_filters.any?
|
|
80
|
+
end
|
|
81
|
+
|
|
74
82
|
def filter_key?(key)
|
|
75
|
-
|
|
83
|
+
blacklist_key?(key) || !whitelist_key?(key)
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def blacklist_key?(key)
|
|
87
|
+
@blacklist_filters.any? do |filter|
|
|
88
|
+
key == filter || filter.is_a?(Regexp) && filter.match(key)
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
def whitelist_key?(key)
|
|
93
|
+
return true if @whitelist_filters.empty?
|
|
94
|
+
@whitelist_filters.any? do |filter|
|
|
76
95
|
key == filter || filter.is_a?(Regexp) && filter.match(key)
|
|
77
96
|
end
|
|
78
97
|
end
|
data/lib/airbrake/version.rb
CHANGED
data/resources/notice.xml
CHANGED
|
@@ -1,2 +1 @@
|
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?><notice version="2.4"><api-key>myapikey</api-key><notifier><name>Airbrake Notifier</name><version>4.2.
|
|
2
|
-
Testing airbrake via "rake airbrake:test". If you can see this, it works.</message><backtrace><line number="432" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run__3460589810992859441__process_action__1355900617236565786__callbacks"/><line number="410" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_process_action_callbacks"/><line number="94" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="run_callbacks"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/callbacks.rb" method="process_action"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rescue.rb" method="process_action"/><line number="30" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="block in process_action"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="block in instrument"/><line number="21" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications/instrumenter.rb" method="instrument"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="instrument"/><line number="29" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="process_action"/><line number="119" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/base.rb" method="process"/><line number="41" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/rendering.rb" method="process"/><line number="138" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="dispatch"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rack_delegation.rb" method="dispatch"/><line number="178" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="block in action"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="dispatch"/><line number="33" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="148" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="block in call"/><line number="93" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="block in recognize"/><line number="68" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="optimized_each"/><line number="92" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="recognize"/><line number="139" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="call"/><line number="499" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/best_standards_support.rb" method="call"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/head.rb" method="call"/><line number="24" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/methodoverride.rb" method="call"/><line number="21" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/params_parser.rb" method="call"/><line number="182" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/flash.rb" method="call"/><line number="149" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/session/abstract_store.rb" method="call"/><line number="302" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/cookies.rb" method="call"/><line number="46" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="block in call"/><line number="416" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_call_callbacks"/><line number="44" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="call"/><line number="106" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/sendfile.rb" method="call"/><line number="48" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/remote_ip.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/rack/logger.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/runtime.rb" method="call"/><line number="72" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/cache/strategy/local_cache.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="block in call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="synchronize"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="call"/><line number="30" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/static.rb" method="call"/><line number="168" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/application.rb" method="call"/><line number="240" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="call"/><line number="240" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="block in execute"/><line number="235" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="each"/><line number="235" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="execute"/><line number="179" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="block in invoke_with_call_chain"/><line number="211" file="/Users/shifi/.rvm/rubies/ruby-2.1.3/lib/ruby/2.1.0/monitor.rb" method="mon_synchronize"/><line number="172" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="invoke_with_call_chain"/><line number="165" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="invoke"/><line number="150" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="invoke_task"/><line number="106" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="block (2 levels) in top_level"/><line number="106" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="each"/><line number="106" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="block in top_level"/><line number="115" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="run_with_threads"/><line number="100" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="top_level"/><line number="78" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="block in run"/><line number="176" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="standard_exception_handling"/><line number="75" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="run"/><line number="33" file="[GEM_ROOT]/gems/rake-10.4.2/bin/rake" method="<top (required)>"/><line number="23" file="[GEM_ROOT]/bin/rake" method="load"/><line number="23" file="[GEM_ROOT]/bin/rake" method="<main>"/></backtrace></error><request><url>http://www.example.com/verify</url><component>application</component><action>verify</action><params><var key="action">verify</var><var key="controller">application</var></params><cgi-data><var key="rack.version">["1", "1"]</var><var key="rack.multithread">false</var><var key="rack.multiprocess">true</var><var key="rack.run_once">false</var><var key="REQUEST_METHOD">GET</var><var key="SERVER_NAME">www.example.com</var><var key="SERVER_PORT">80</var><var key="QUERY_STRING"></var><var key="PATH_INFO">/verify</var><var key="rack.url_scheme">http</var><var key="HTTPS">off</var><var key="SCRIPT_NAME"></var><var key="CONTENT_LENGTH">0</var><var key="REMOTE_ADDR">127.0.0.1</var><var key="action_dispatch.parameter_filter">["password"]</var><var key="action_dispatch.show_exceptions">false</var><var key="action_dispatch.remote_ip">127.0.0.1</var><var key="action_dispatch.request.path_parameters"><var key="action">verify</var><var key="controller">application</var></var><var key="action_dispatch.request.content_type"></var><var key="action_dispatch.request.request_parameters"></var><var key="rack.request.query_string"></var><var key="rack.request.query_hash"></var><var key="action_dispatch.request.query_parameters"></var><var key="action_dispatch.request.parameters"><var key="action">verify</var><var key="controller">application</var></var><var key="action_dispatch.request.formats">["text/html"]</var></cgi-data></request><server-environment><project-root>/Users/shifi/work/rackspace/code/airbrake/tmp/rails_root</project-root><environment-name>test</environment-name><hostname>shifi-mac.local</hostname></server-environment><framework>Rails: 3.0.20</framework></notice>
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?><notice version="2.4"><api-key>myapikey</api-key><notifier><name>Airbrake Notifier</name><version>4.2.1</version><url>https://github.com/airbrake/airbrake</url></notifier><error><class>RuntimeError</class><message>RuntimeError: some message</message><backtrace><line number="5" file="[PROJECT_ROOT]/app/controllers/test_controller.rb" method="index"/><line number="4" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/implicit_render.rb" method="send_action"/><line number="150" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/base.rb" method="process_action"/><line number="11" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rendering.rb" method="process_action"/><line number="18" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/callbacks.rb" method="block in process_action"/><line number="436" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run__4272386663397580188__process_action__581431839689109838__callbacks"/><line number="410" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_process_action_callbacks"/><line number="94" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="run_callbacks"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/callbacks.rb" method="process_action"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rescue.rb" method="process_action"/><line number="30" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="block in process_action"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="block in instrument"/><line number="21" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications/instrumenter.rb" method="instrument"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="instrument"/><line number="29" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="process_action"/><line number="119" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/base.rb" method="process"/><line number="41" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/rendering.rb" method="process"/><line number="138" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="dispatch"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rack_delegation.rb" method="dispatch"/><line number="178" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="block in action"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="dispatch"/><line number="33" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="148" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="block in call"/><line number="93" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="block in recognize"/><line number="68" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="optimized_each"/><line number="92" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="recognize"/><line number="139" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="call"/><line number="499" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/best_standards_support.rb" method="call"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/head.rb" method="call"/><line number="24" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/methodoverride.rb" method="call"/><line number="21" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/params_parser.rb" method="call"/><line number="182" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/flash.rb" method="call"/><line number="149" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/session/abstract_store.rb" method="call"/><line number="302" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/cookies.rb" method="call"/><line number="46" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="block in call"/><line number="416" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_call_callbacks"/><line number="44" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="call"/><line number="106" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/sendfile.rb" method="call"/><line number="48" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/remote_ip.rb" method="call"/><line number="47" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/show_exceptions.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/rack/logger.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/runtime.rb" method="call"/><line number="72" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/cache/strategy/local_cache.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="block in call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="synchronize"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="call"/><line number="168" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/application.rb" method="call"/><line number="77" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/application.rb" method="method_missing"/><line number="4" file="request.rb" method="<top (required)>"/><line number="48" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands/runner.rb" method="eval"/><line number="48" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands/runner.rb" method="<top (required)>"/><line number="39" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands.rb" method="require"/><line number="39" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands.rb" method="<top (required)>"/><line number="6" file="script/rails" method="require"/><line number="6" file="script/rails" method="<main>"/></backtrace></error><request><url>http://example.com:123/test/index?param=value</url><component>test</component><action>index</action><params><var key="param">value</var><var key="controller">test</var><var key="action">index</var></params><cgi-data><var key="rack.version">["1", "1"]</var><var key="rack.multithread">false</var><var key="rack.multiprocess">true</var><var key="rack.run_once">false</var><var key="REQUEST_METHOD">GET</var><var key="SERVER_NAME">example.com</var><var key="SERVER_PORT">123</var><var key="QUERY_STRING">param=value</var><var key="PATH_INFO">/test/index</var><var key="rack.url_scheme">http</var><var key="HTTPS">off</var><var key="SCRIPT_NAME"></var><var key="CONTENT_LENGTH">0</var><var key="action_dispatch.parameter_filter">["password"]</var><var key="action_dispatch.show_exceptions">true</var><var key="action_dispatch.remote_ip"></var><var key="action_dispatch.request.path_parameters"><var key="controller">test</var><var key="action">index</var></var><var key="action_dispatch.request.content_type"></var><var key="action_dispatch.request.request_parameters"></var><var key="rack.request.query_string">param=value</var><var key="rack.request.query_hash"><var key="param">value</var></var><var key="action_dispatch.request.query_parameters"><var key="param">value</var></var><var key="action_dispatch.request.parameters"><var key="param">value</var><var key="controller">test</var><var key="action">index</var></var><var key="action_dispatch.request.formats">["text/html"]</var></cgi-data></request><server-environment><project-root>/Users/shifi/work/rackspace/code/airbrake/tmp/rails_root</project-root><environment-name>production</environment-name><hostname>us-irving07382.americas.nsn-net.net</hostname></server-environment><framework>Rails: 3.0.20</framework></notice>
|
data/test/configuration_test.rb
CHANGED
|
@@ -23,6 +23,8 @@ class ConfigurationTest < Test::Unit::TestCase
|
|
|
23
23
|
assert_config_default :ignore_user_agent, []
|
|
24
24
|
assert_config_default :params_filters,
|
|
25
25
|
Airbrake::Configuration::DEFAULT_PARAMS_FILTERS
|
|
26
|
+
assert_config_default :params_whitelist_filters,
|
|
27
|
+
Airbrake::Configuration::DEFAULT_PARAMS_WHITELIST_FILTERS
|
|
26
28
|
assert_config_default :backtrace_filters,
|
|
27
29
|
Airbrake::Configuration::DEFAULT_BACKTRACE_FILTERS
|
|
28
30
|
assert_config_default :rake_environment_filters, []
|
data/test/params_cleaner_test.rb
CHANGED
|
@@ -3,8 +3,9 @@ require File.expand_path '../helper', __FILE__
|
|
|
3
3
|
class ParamsCleanerTest < Test::Unit::TestCase
|
|
4
4
|
|
|
5
5
|
def clean(opts = {})
|
|
6
|
-
cleaner = Airbrake::Utils::ParamsCleaner.new(:
|
|
7
|
-
|
|
6
|
+
cleaner = Airbrake::Utils::ParamsCleaner.new(:blacklist_filters => opts.delete(:params_filters) || [],
|
|
7
|
+
:whitelist_filters => opts.delete(:whitelist_params_filters) || [],
|
|
8
|
+
:to_clean => opts)
|
|
8
9
|
cleaner.clean
|
|
9
10
|
end
|
|
10
11
|
|
|
@@ -61,8 +62,25 @@ class ParamsCleanerTest < Test::Unit::TestCase
|
|
|
61
62
|
assert_equal({"abc" => "123"}, clean_params.cgi_data)
|
|
62
63
|
end
|
|
63
64
|
|
|
64
|
-
should "remove rack
|
|
65
|
+
should "remove sensitive rack vars" do
|
|
65
66
|
original = {
|
|
67
|
+
"HTTP_X_CSRF_TOKEN" => "remove_me",
|
|
68
|
+
"HTTP_COOKIE" => "remove_me",
|
|
69
|
+
"HTTP_AUTHORIZATION" => "remove_me",
|
|
70
|
+
"action_dispatch.request.unsigned_session_cookie" => "remove_me",
|
|
71
|
+
"action_dispatch.cookies" => "remove_me",
|
|
72
|
+
"action_dispatch.unsigned_session_cookie" => "remove_me",
|
|
73
|
+
"action_dispatch.secret_key_base" => "remove_me",
|
|
74
|
+
"action_dispatch.signed_cookie_salt" => "remove_me",
|
|
75
|
+
"action_dispatch.encrypted_cookie_salt" => "remove_me",
|
|
76
|
+
"action_dispatch.encrypted_signed_cookie_salt" => "remove_me",
|
|
77
|
+
"action_dispatch.http_auth_salt" => "remove_me",
|
|
78
|
+
"action_dispatch.secret_token" => "remove_me",
|
|
79
|
+
"rack.request.cookie_hash" => "remove_me",
|
|
80
|
+
"rack.request.cookie_string" => "remove_me",
|
|
81
|
+
"rack.request.form_vars" => "remove_me",
|
|
82
|
+
"rack.session" => "remove_me",
|
|
83
|
+
"rack.session.options" => "remove_me",
|
|
66
84
|
"rack.request.form_vars" => "story%5Btitle%5D=The+TODO+label",
|
|
67
85
|
"abc" => "123"
|
|
68
86
|
}
|
|
@@ -95,6 +113,61 @@ class ParamsCleanerTest < Test::Unit::TestCase
|
|
|
95
113
|
assert_filters_hash(:parameters)
|
|
96
114
|
end
|
|
97
115
|
|
|
116
|
+
should "whitelist filter parameters" do
|
|
117
|
+
whitelist_filters = ["abc", :def]
|
|
118
|
+
original = { 'abc' => "123", 'def' => "456", 'ghi' => "789", 'nested' => { 'abc' => '100' },
|
|
119
|
+
'something_with_abc' => 'match the entire string'}
|
|
120
|
+
filtered = { 'abc' => "123",
|
|
121
|
+
'def' => "456",
|
|
122
|
+
'something_with_abc' => "[FILTERED]",
|
|
123
|
+
'ghi' => "[FILTERED]",
|
|
124
|
+
'nested' => "[FILTERED]" }
|
|
125
|
+
|
|
126
|
+
clean_params = clean(:whitelist_params_filters => whitelist_filters,
|
|
127
|
+
:parameters => original)
|
|
128
|
+
|
|
129
|
+
assert_equal(filtered,
|
|
130
|
+
clean_params.send(:parameters))
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
should "not filter everything if whitelist filters are empty" do
|
|
134
|
+
whitelist_filters = []
|
|
135
|
+
original = { 'abc' => '123' }
|
|
136
|
+
clean_params = clean(:whitelist_params_filters => whitelist_filters,
|
|
137
|
+
:parameters => original)
|
|
138
|
+
assert_equal(original, clean_params.send(:parameters))
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
should "not care if filters are defined in nested array" do
|
|
142
|
+
filters = [[/crazy/, :foo, ["bar", ["too"]]]]
|
|
143
|
+
original = {
|
|
144
|
+
'this_is_crazy' => 'yes_it_is',
|
|
145
|
+
'I_am_good' => 'yes_you_are',
|
|
146
|
+
'foo' => '1212',
|
|
147
|
+
'too' => '2121',
|
|
148
|
+
'bar' => 'secret'
|
|
149
|
+
}
|
|
150
|
+
filtered = {
|
|
151
|
+
'this_is_crazy' => '[FILTERED]',
|
|
152
|
+
'I_am_good' => 'yes_you_are',
|
|
153
|
+
'foo' => '[FILTERED]',
|
|
154
|
+
'too' => '[FILTERED]',
|
|
155
|
+
'bar' => '[FILTERED]'
|
|
156
|
+
}
|
|
157
|
+
clean_params = clean(:params_filters => filters,
|
|
158
|
+
:parameters => original)
|
|
159
|
+
assert_equal(filtered, clean_params.send(:parameters))
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
should "filter key if it is defined as blacklist and whitelist" do
|
|
163
|
+
original = { 'filter_me' => 'secret' }
|
|
164
|
+
filtered = { 'filter_me' => '[FILTERED]' }
|
|
165
|
+
clean_params = clean(:params_filters => [:filter_me],
|
|
166
|
+
:params_whitelist_filters => [:filter_me],
|
|
167
|
+
:parameters => original)
|
|
168
|
+
assert_equal(filtered, clean_params.send(:parameters))
|
|
169
|
+
end
|
|
170
|
+
|
|
98
171
|
should "filter cgi data" do
|
|
99
172
|
assert_filters_hash(:cgi_data)
|
|
100
173
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: airbrake
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Airbrake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-06-
|
|
11
|
+
date: 2015-06-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: builder
|
|
@@ -427,7 +427,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
427
427
|
version: '0'
|
|
428
428
|
requirements: []
|
|
429
429
|
rubyforge_project:
|
|
430
|
-
rubygems_version: 2.4.
|
|
430
|
+
rubygems_version: 2.4.8
|
|
431
431
|
signing_key:
|
|
432
432
|
specification_version: 4
|
|
433
433
|
summary: Send your application errors to our hosted service and reclaim your inbox.
|