airbrake 4.2.1 → 4.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +17 -0
- data/lib/airbrake/configuration.rb +8 -1
- data/lib/airbrake/notice.rb +12 -6
- data/lib/airbrake/rails.rb +10 -5
- data/lib/airbrake/utils/params_cleaner.rb +28 -9
- data/lib/airbrake/utils/rack_filters.rb +1 -0
- data/lib/airbrake/version.rb +1 -1
- data/resources/notice.xml +1 -2
- data/test/configuration_test.rb +2 -0
- data/test/params_cleaner_test.rb +76 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 263adc28e090f9a33efbaa8aa900f22efdc2ea28
|
|
4
|
+
data.tar.gz: 4a37838933f29cccc424a2baabc28eee944266d8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8aff408c99a47db54ec2228221bded5cd3f9c61e0d48154169c3f267f55e3e979ebd55a073050a69cd7eb68a7bcc867dfa5492cdccff2e1b482d863387ae8de5
|
|
7
|
+
data.tar.gz: cac67835090c5aee3d48a00cdeefff764ece2785cf7e1b8880569ba3a9cf316e473af1182e4fbcffed990dce7a01e46916342e43d64598c3146b7b35093219db
|
data/CHANGELOG
CHANGED
|
@@ -1,3 +1,19 @@
|
|
|
1
|
+
Version 4.3.0 - 2015-06-23 19:36:10 -0500
|
|
2
|
+
===============================================================================
|
|
3
|
+
|
|
4
|
+
Omer Gazit (1):
|
|
5
|
+
Add ability to define whitelist filters for parameters
|
|
6
|
+
|
|
7
|
+
shifi (7):
|
|
8
|
+
use top level namespace and stay compatible with Rails 2.x - fixes #388
|
|
9
|
+
update to match new changes
|
|
10
|
+
support whitelist and blacklist approach for params filters and support nested filter arrays
|
|
11
|
+
add more tests for params cleaner
|
|
12
|
+
Merge branch 'feature/whitelist-params-filters'
|
|
13
|
+
add HTTP_AUTHORIZATION to rack filters
|
|
14
|
+
make sure we remove all sensitive rack vars
|
|
15
|
+
|
|
16
|
+
|
|
1
17
|
Version 4.2.1 - 2015-06-01 22:12:49 -0500
|
|
2
18
|
===============================================================================
|
|
3
19
|
|
|
@@ -1543,5 +1559,6 @@ Nick Quaranto (3):
|
|
|
1543
1559
|
|
|
1544
1560
|
|
|
1545
1561
|
|
|
1562
|
+
|
|
1546
1563
|
|
|
1547
1564
|
|
|
@@ -6,7 +6,7 @@ module Airbrake
|
|
|
6
6
|
:development_lookup, :environment_name, :host,
|
|
7
7
|
:http_open_timeout, :http_read_timeout, :ignore, :ignore_by_filters,
|
|
8
8
|
:ignore_user_agent, :notifier_name, :notifier_url, :notifier_version,
|
|
9
|
-
:params_filters, :project_root, :port, :protocol, :proxy_host,
|
|
9
|
+
:params_filters, :params_whitelist_filters, :project_root, :port, :protocol, :proxy_host,
|
|
10
10
|
:proxy_pass, :proxy_port, :proxy_user, :secure, :use_system_ssl_cert_chain,
|
|
11
11
|
:framework, :user_information, :rescue_rake_exceptions, :rake_environment_filters,
|
|
12
12
|
:test_mode].freeze
|
|
@@ -49,6 +49,11 @@ module Airbrake
|
|
|
49
49
|
# By default, all "password" attributes will have their contents replaced.
|
|
50
50
|
attr_accessor :params_filters
|
|
51
51
|
|
|
52
|
+
# A list of whitelisted parameters that will be sent to Airbrake.
|
|
53
|
+
# All other parameters will be filtered and their content replaced.
|
|
54
|
+
# By default this list is empty (all parameters are whitelisted).
|
|
55
|
+
attr_accessor :params_whitelist_filters
|
|
56
|
+
|
|
52
57
|
# A list of filters for cleaning and pruning the backtrace. See #filter_backtrace.
|
|
53
58
|
attr_reader :backtrace_filters
|
|
54
59
|
|
|
@@ -115,6 +120,7 @@ module Airbrake
|
|
|
115
120
|
alias_method :test_mode?, :test_mode
|
|
116
121
|
|
|
117
122
|
DEFAULT_PARAMS_FILTERS = %w(password password_confirmation).freeze
|
|
123
|
+
DEFAULT_PARAMS_WHITELIST_FILTERS = [].freeze
|
|
118
124
|
|
|
119
125
|
DEFAULT_USER_ATTRIBUTES = %w(id).freeze
|
|
120
126
|
|
|
@@ -157,6 +163,7 @@ module Airbrake
|
|
|
157
163
|
@http_open_timeout = 2
|
|
158
164
|
@http_read_timeout = 5
|
|
159
165
|
@params_filters = DEFAULT_PARAMS_FILTERS.dup
|
|
166
|
+
@params_whitelist_filters = DEFAULT_PARAMS_WHITELIST_FILTERS.dup
|
|
160
167
|
@backtrace_filters = DEFAULT_BACKTRACE_FILTERS.dup
|
|
161
168
|
@ignore_by_filters = [] # These filters are applied to both server requests and Rake tasks
|
|
162
169
|
@ignore = IGNORE_DEFAULT.dup
|
data/lib/airbrake/notice.rb
CHANGED
|
@@ -47,6 +47,9 @@ module Airbrake
|
|
|
47
47
|
# See Configuration#params_filters
|
|
48
48
|
attr_reader :params_filters
|
|
49
49
|
|
|
50
|
+
# See Configuration#params_whitelist_filters
|
|
51
|
+
attr_reader :params_whitelist_filters
|
|
52
|
+
|
|
50
53
|
# A hash of parameters from the query string or post body.
|
|
51
54
|
attr_reader :parameters
|
|
52
55
|
alias_method :params, :parameters
|
|
@@ -104,10 +107,12 @@ module Airbrake
|
|
|
104
107
|
@notifier_version = args[:notifier_version]
|
|
105
108
|
@notifier_url = args[:notifier_url]
|
|
106
109
|
|
|
107
|
-
@ignore
|
|
108
|
-
@ignore_by_filters
|
|
109
|
-
@backtrace_filters
|
|
110
|
-
@params_filters
|
|
110
|
+
@ignore = args[:ignore] || []
|
|
111
|
+
@ignore_by_filters = args[:ignore_by_filters] || []
|
|
112
|
+
@backtrace_filters = args[:backtrace_filters] || []
|
|
113
|
+
@params_filters = args[:params_filters] || []
|
|
114
|
+
@params_whitelist_filters = args[:params_whitelist_filters] || []
|
|
115
|
+
|
|
111
116
|
@parameters = args[:parameters] ||
|
|
112
117
|
action_dispatch_params ||
|
|
113
118
|
rack_env(:params) ||
|
|
@@ -130,8 +135,9 @@ module Airbrake
|
|
|
130
135
|
also_use_rack_params_filters
|
|
131
136
|
find_session_data
|
|
132
137
|
|
|
133
|
-
@cleaner = args[:cleaner] ||
|
|
134
|
-
Airbrake::Utils::ParamsCleaner.new(:
|
|
138
|
+
@cleaner = args[:cleaner] ||
|
|
139
|
+
Airbrake::Utils::ParamsCleaner.new(:blacklist_filters => params_filters,
|
|
140
|
+
:whitelist_filters => params_whitelist_filters,
|
|
135
141
|
:to_clean => data_to_clean)
|
|
136
142
|
|
|
137
143
|
clean_data!
|
data/lib/airbrake/rails.rb
CHANGED
|
@@ -19,12 +19,17 @@ module Airbrake
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
if defined?(::Rails.configuration) && ::Rails.configuration.respond_to?(:middleware)
|
|
22
|
-
if defined?(ActionController::Failsafe)
|
|
23
|
-
::Rails.configuration.middleware
|
|
24
|
-
|
|
22
|
+
if defined?(::ActionController::Failsafe)
|
|
23
|
+
::Rails.configuration.middleware.insert_after 'ActionController::Failsafe',
|
|
24
|
+
Airbrake::Rack
|
|
25
|
+
end
|
|
26
|
+
if defined?(::Rack::Lock)
|
|
27
|
+
::Rails.configuration.middleware.insert_after 'Rack::Lock',
|
|
28
|
+
Airbrake::UserInformer
|
|
29
|
+
else
|
|
30
|
+
::Rails.configuration.middleware.insert_before 'Rack::Runtime',
|
|
31
|
+
Airbrake::UserInformer
|
|
25
32
|
end
|
|
26
|
-
::Rails.configuration.middleware
|
|
27
|
-
.insert_before 'Rack::Runtime', Airbrake::UserInformer
|
|
28
33
|
end
|
|
29
34
|
|
|
30
35
|
Airbrake.configure(true) do |config|
|
|
@@ -1,18 +1,22 @@
|
|
|
1
1
|
module Airbrake
|
|
2
2
|
module Utils
|
|
3
3
|
class ParamsCleaner
|
|
4
|
-
attr_writer :
|
|
4
|
+
attr_writer :blacklist_filters, :whitelist_filters, :to_clean
|
|
5
5
|
attr_reader :parameters, :cgi_data, :session_data
|
|
6
6
|
|
|
7
7
|
# Public: Initialize a new Airbrake::Utils::ParamsCleaner
|
|
8
8
|
#
|
|
9
9
|
# opts - The Hash options that contain filters and params (default: {}):
|
|
10
|
-
# :
|
|
10
|
+
# :blacklist_filters - The Array of param keys that should be filtered
|
|
11
|
+
# :whitelist_filters - The Array of param keys that shouldn't be filtered
|
|
11
12
|
# :to_clean - The Hash of unfiltered params
|
|
13
|
+
# :blacklist_filters take precedence over the :whitelist_filters
|
|
12
14
|
def initialize(opts = {})
|
|
13
|
-
@
|
|
14
|
-
@
|
|
15
|
-
@
|
|
15
|
+
@blacklist_filters = (opts[:blacklist_filters] || []).flatten
|
|
16
|
+
@blacklist_filters.map!{|f| f.is_a?(Symbol) ? f.to_s : f }
|
|
17
|
+
@whitelist_filters = (opts[:whitelist_filters] || []).flatten
|
|
18
|
+
@whitelist_filters.map!{|f| f.is_a?(Symbol) ? f.to_s : f }
|
|
19
|
+
@to_clean = opts[:to_clean]
|
|
16
20
|
end
|
|
17
21
|
|
|
18
22
|
# Public: Takes the params to_clean passed in an initializer
|
|
@@ -36,7 +40,7 @@ module Airbrake
|
|
|
36
40
|
def clean_parameters
|
|
37
41
|
return unless @to_clean[:parameters]
|
|
38
42
|
|
|
39
|
-
@parameters = if
|
|
43
|
+
@parameters = if any_filters?
|
|
40
44
|
filter(clean_unserializable_data(@to_clean[:parameters]))
|
|
41
45
|
else
|
|
42
46
|
clean_unserializable_data(@to_clean[:parameters])
|
|
@@ -46,7 +50,7 @@ module Airbrake
|
|
|
46
50
|
def clean_cgi_data
|
|
47
51
|
return unless @to_clean[:cgi_data]
|
|
48
52
|
|
|
49
|
-
@cgi_data = if
|
|
53
|
+
@cgi_data = if any_filters?
|
|
50
54
|
filter(clean_unserializable_data(@to_clean[:cgi_data]))
|
|
51
55
|
else
|
|
52
56
|
clean_unserializable_data(@to_clean[:cgi_data])
|
|
@@ -56,7 +60,7 @@ module Airbrake
|
|
|
56
60
|
def clean_session_data
|
|
57
61
|
return unless @to_clean[:session_data]
|
|
58
62
|
|
|
59
|
-
@session_data = if
|
|
63
|
+
@session_data = if any_filters?
|
|
60
64
|
filter(clean_unserializable_data(@to_clean[:session_data]))
|
|
61
65
|
else
|
|
62
66
|
clean_unserializable_data(@to_clean[:session_data])
|
|
@@ -71,8 +75,23 @@ module Airbrake
|
|
|
71
75
|
end
|
|
72
76
|
end
|
|
73
77
|
|
|
78
|
+
def any_filters?
|
|
79
|
+
@blacklist_filters.any? || @whitelist_filters.any?
|
|
80
|
+
end
|
|
81
|
+
|
|
74
82
|
def filter_key?(key)
|
|
75
|
-
|
|
83
|
+
blacklist_key?(key) || !whitelist_key?(key)
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def blacklist_key?(key)
|
|
87
|
+
@blacklist_filters.any? do |filter|
|
|
88
|
+
key == filter || filter.is_a?(Regexp) && filter.match(key)
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
def whitelist_key?(key)
|
|
93
|
+
return true if @whitelist_filters.empty?
|
|
94
|
+
@whitelist_filters.any? do |filter|
|
|
76
95
|
key == filter || filter.is_a?(Regexp) && filter.match(key)
|
|
77
96
|
end
|
|
78
97
|
end
|
data/lib/airbrake/version.rb
CHANGED
data/resources/notice.xml
CHANGED
|
@@ -1,2 +1 @@
|
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?><notice version="2.4"><api-key>myapikey</api-key><notifier><name>Airbrake Notifier</name><version>4.2.
|
|
2
|
-
Testing airbrake via "rake airbrake:test". If you can see this, it works.</message><backtrace><line number="432" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run__3460589810992859441__process_action__1355900617236565786__callbacks"/><line number="410" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_process_action_callbacks"/><line number="94" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="run_callbacks"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/callbacks.rb" method="process_action"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rescue.rb" method="process_action"/><line number="30" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="block in process_action"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="block in instrument"/><line number="21" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications/instrumenter.rb" method="instrument"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="instrument"/><line number="29" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="process_action"/><line number="119" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/base.rb" method="process"/><line number="41" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/rendering.rb" method="process"/><line number="138" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="dispatch"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rack_delegation.rb" method="dispatch"/><line number="178" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="block in action"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="dispatch"/><line number="33" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="148" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="block in call"/><line number="93" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="block in recognize"/><line number="68" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="optimized_each"/><line number="92" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="recognize"/><line number="139" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="call"/><line number="499" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/best_standards_support.rb" method="call"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/head.rb" method="call"/><line number="24" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/methodoverride.rb" method="call"/><line number="21" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/params_parser.rb" method="call"/><line number="182" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/flash.rb" method="call"/><line number="149" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/session/abstract_store.rb" method="call"/><line number="302" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/cookies.rb" method="call"/><line number="46" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="block in call"/><line number="416" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_call_callbacks"/><line number="44" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="call"/><line number="106" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/sendfile.rb" method="call"/><line number="48" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/remote_ip.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/rack/logger.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/runtime.rb" method="call"/><line number="72" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/cache/strategy/local_cache.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="block in call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="synchronize"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="call"/><line number="30" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/static.rb" method="call"/><line number="168" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/application.rb" method="call"/><line number="240" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="call"/><line number="240" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="block in execute"/><line number="235" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="each"/><line number="235" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="execute"/><line number="179" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="block in invoke_with_call_chain"/><line number="211" file="/Users/shifi/.rvm/rubies/ruby-2.1.3/lib/ruby/2.1.0/monitor.rb" method="mon_synchronize"/><line number="172" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="invoke_with_call_chain"/><line number="165" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/task.rb" method="invoke"/><line number="150" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="invoke_task"/><line number="106" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="block (2 levels) in top_level"/><line number="106" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="each"/><line number="106" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="block in top_level"/><line number="115" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="run_with_threads"/><line number="100" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="top_level"/><line number="78" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="block in run"/><line number="176" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="standard_exception_handling"/><line number="75" file="[GEM_ROOT]/gems/rake-10.4.2/lib/rake/application.rb" method="run"/><line number="33" file="[GEM_ROOT]/gems/rake-10.4.2/bin/rake" method="<top (required)>"/><line number="23" file="[GEM_ROOT]/bin/rake" method="load"/><line number="23" file="[GEM_ROOT]/bin/rake" method="<main>"/></backtrace></error><request><url>http://www.example.com/verify</url><component>application</component><action>verify</action><params><var key="action">verify</var><var key="controller">application</var></params><cgi-data><var key="rack.version">["1", "1"]</var><var key="rack.multithread">false</var><var key="rack.multiprocess">true</var><var key="rack.run_once">false</var><var key="REQUEST_METHOD">GET</var><var key="SERVER_NAME">www.example.com</var><var key="SERVER_PORT">80</var><var key="QUERY_STRING"></var><var key="PATH_INFO">/verify</var><var key="rack.url_scheme">http</var><var key="HTTPS">off</var><var key="SCRIPT_NAME"></var><var key="CONTENT_LENGTH">0</var><var key="REMOTE_ADDR">127.0.0.1</var><var key="action_dispatch.parameter_filter">["password"]</var><var key="action_dispatch.show_exceptions">false</var><var key="action_dispatch.remote_ip">127.0.0.1</var><var key="action_dispatch.request.path_parameters"><var key="action">verify</var><var key="controller">application</var></var><var key="action_dispatch.request.content_type"></var><var key="action_dispatch.request.request_parameters"></var><var key="rack.request.query_string"></var><var key="rack.request.query_hash"></var><var key="action_dispatch.request.query_parameters"></var><var key="action_dispatch.request.parameters"><var key="action">verify</var><var key="controller">application</var></var><var key="action_dispatch.request.formats">["text/html"]</var></cgi-data></request><server-environment><project-root>/Users/shifi/work/rackspace/code/airbrake/tmp/rails_root</project-root><environment-name>test</environment-name><hostname>shifi-mac.local</hostname></server-environment><framework>Rails: 3.0.20</framework></notice>
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?><notice version="2.4"><api-key>myapikey</api-key><notifier><name>Airbrake Notifier</name><version>4.2.1</version><url>https://github.com/airbrake/airbrake</url></notifier><error><class>RuntimeError</class><message>RuntimeError: some message</message><backtrace><line number="5" file="[PROJECT_ROOT]/app/controllers/test_controller.rb" method="index"/><line number="4" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/implicit_render.rb" method="send_action"/><line number="150" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/base.rb" method="process_action"/><line number="11" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rendering.rb" method="process_action"/><line number="18" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/callbacks.rb" method="block in process_action"/><line number="436" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run__4272386663397580188__process_action__581431839689109838__callbacks"/><line number="410" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_process_action_callbacks"/><line number="94" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="run_callbacks"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/callbacks.rb" method="process_action"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rescue.rb" method="process_action"/><line number="30" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="block in process_action"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="block in instrument"/><line number="21" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications/instrumenter.rb" method="instrument"/><line number="52" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/notifications.rb" method="instrument"/><line number="29" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/instrumentation.rb" method="process_action"/><line number="119" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/base.rb" method="process"/><line number="41" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/abstract_controller/rendering.rb" method="process"/><line number="138" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="dispatch"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal/rack_delegation.rb" method="dispatch"/><line number="178" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_controller/metal.rb" method="block in action"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="68" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="dispatch"/><line number="33" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="148" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="block in call"/><line number="93" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="block in recognize"/><line number="68" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="optimized_each"/><line number="92" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/code_generation.rb" method="recognize"/><line number="139" file="[GEM_ROOT]/gems/rack-mount-0.6.14/lib/rack/mount/route_set.rb" method="call"/><line number="499" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/routing/route_set.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/best_standards_support.rb" method="call"/><line number="14" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/head.rb" method="call"/><line number="24" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/methodoverride.rb" method="call"/><line number="21" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/params_parser.rb" method="call"/><line number="182" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/flash.rb" method="call"/><line number="149" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/session/abstract_store.rb" method="call"/><line number="302" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/cookies.rb" method="call"/><line number="46" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="block in call"/><line number="416" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/callbacks.rb" method="_run_call_callbacks"/><line number="44" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/callbacks.rb" method="call"/><line number="106" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/sendfile.rb" method="call"/><line number="48" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/remote_ip.rb" method="call"/><line number="47" file="[GEM_ROOT]/gems/actionpack-3.0.20/lib/action_dispatch/middleware/show_exceptions.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/rack/logger.rb" method="call"/><line number="17" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/runtime.rb" method="call"/><line number="72" file="[GEM_ROOT]/gems/activesupport-3.0.20/lib/active_support/cache/strategy/local_cache.rb" method="call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="block in call"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="synchronize"/><line number="13" file="[GEM_ROOT]/gems/rack-1.2.8/lib/rack/lock.rb" method="call"/><line number="168" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/application.rb" method="call"/><line number="77" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/application.rb" method="method_missing"/><line number="4" file="request.rb" method="<top (required)>"/><line number="48" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands/runner.rb" method="eval"/><line number="48" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands/runner.rb" method="<top (required)>"/><line number="39" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands.rb" method="require"/><line number="39" file="[GEM_ROOT]/gems/railties-3.0.20/lib/rails/commands.rb" method="<top (required)>"/><line number="6" file="script/rails" method="require"/><line number="6" file="script/rails" method="<main>"/></backtrace></error><request><url>http://example.com:123/test/index?param=value</url><component>test</component><action>index</action><params><var key="param">value</var><var key="controller">test</var><var key="action">index</var></params><cgi-data><var key="rack.version">["1", "1"]</var><var key="rack.multithread">false</var><var key="rack.multiprocess">true</var><var key="rack.run_once">false</var><var key="REQUEST_METHOD">GET</var><var key="SERVER_NAME">example.com</var><var key="SERVER_PORT">123</var><var key="QUERY_STRING">param=value</var><var key="PATH_INFO">/test/index</var><var key="rack.url_scheme">http</var><var key="HTTPS">off</var><var key="SCRIPT_NAME"></var><var key="CONTENT_LENGTH">0</var><var key="action_dispatch.parameter_filter">["password"]</var><var key="action_dispatch.show_exceptions">true</var><var key="action_dispatch.remote_ip"></var><var key="action_dispatch.request.path_parameters"><var key="controller">test</var><var key="action">index</var></var><var key="action_dispatch.request.content_type"></var><var key="action_dispatch.request.request_parameters"></var><var key="rack.request.query_string">param=value</var><var key="rack.request.query_hash"><var key="param">value</var></var><var key="action_dispatch.request.query_parameters"><var key="param">value</var></var><var key="action_dispatch.request.parameters"><var key="param">value</var><var key="controller">test</var><var key="action">index</var></var><var key="action_dispatch.request.formats">["text/html"]</var></cgi-data></request><server-environment><project-root>/Users/shifi/work/rackspace/code/airbrake/tmp/rails_root</project-root><environment-name>production</environment-name><hostname>us-irving07382.americas.nsn-net.net</hostname></server-environment><framework>Rails: 3.0.20</framework></notice>
|
data/test/configuration_test.rb
CHANGED
|
@@ -23,6 +23,8 @@ class ConfigurationTest < Test::Unit::TestCase
|
|
|
23
23
|
assert_config_default :ignore_user_agent, []
|
|
24
24
|
assert_config_default :params_filters,
|
|
25
25
|
Airbrake::Configuration::DEFAULT_PARAMS_FILTERS
|
|
26
|
+
assert_config_default :params_whitelist_filters,
|
|
27
|
+
Airbrake::Configuration::DEFAULT_PARAMS_WHITELIST_FILTERS
|
|
26
28
|
assert_config_default :backtrace_filters,
|
|
27
29
|
Airbrake::Configuration::DEFAULT_BACKTRACE_FILTERS
|
|
28
30
|
assert_config_default :rake_environment_filters, []
|
data/test/params_cleaner_test.rb
CHANGED
|
@@ -3,8 +3,9 @@ require File.expand_path '../helper', __FILE__
|
|
|
3
3
|
class ParamsCleanerTest < Test::Unit::TestCase
|
|
4
4
|
|
|
5
5
|
def clean(opts = {})
|
|
6
|
-
cleaner = Airbrake::Utils::ParamsCleaner.new(:
|
|
7
|
-
|
|
6
|
+
cleaner = Airbrake::Utils::ParamsCleaner.new(:blacklist_filters => opts.delete(:params_filters) || [],
|
|
7
|
+
:whitelist_filters => opts.delete(:whitelist_params_filters) || [],
|
|
8
|
+
:to_clean => opts)
|
|
8
9
|
cleaner.clean
|
|
9
10
|
end
|
|
10
11
|
|
|
@@ -61,8 +62,25 @@ class ParamsCleanerTest < Test::Unit::TestCase
|
|
|
61
62
|
assert_equal({"abc" => "123"}, clean_params.cgi_data)
|
|
62
63
|
end
|
|
63
64
|
|
|
64
|
-
should "remove rack
|
|
65
|
+
should "remove sensitive rack vars" do
|
|
65
66
|
original = {
|
|
67
|
+
"HTTP_X_CSRF_TOKEN" => "remove_me",
|
|
68
|
+
"HTTP_COOKIE" => "remove_me",
|
|
69
|
+
"HTTP_AUTHORIZATION" => "remove_me",
|
|
70
|
+
"action_dispatch.request.unsigned_session_cookie" => "remove_me",
|
|
71
|
+
"action_dispatch.cookies" => "remove_me",
|
|
72
|
+
"action_dispatch.unsigned_session_cookie" => "remove_me",
|
|
73
|
+
"action_dispatch.secret_key_base" => "remove_me",
|
|
74
|
+
"action_dispatch.signed_cookie_salt" => "remove_me",
|
|
75
|
+
"action_dispatch.encrypted_cookie_salt" => "remove_me",
|
|
76
|
+
"action_dispatch.encrypted_signed_cookie_salt" => "remove_me",
|
|
77
|
+
"action_dispatch.http_auth_salt" => "remove_me",
|
|
78
|
+
"action_dispatch.secret_token" => "remove_me",
|
|
79
|
+
"rack.request.cookie_hash" => "remove_me",
|
|
80
|
+
"rack.request.cookie_string" => "remove_me",
|
|
81
|
+
"rack.request.form_vars" => "remove_me",
|
|
82
|
+
"rack.session" => "remove_me",
|
|
83
|
+
"rack.session.options" => "remove_me",
|
|
66
84
|
"rack.request.form_vars" => "story%5Btitle%5D=The+TODO+label",
|
|
67
85
|
"abc" => "123"
|
|
68
86
|
}
|
|
@@ -95,6 +113,61 @@ class ParamsCleanerTest < Test::Unit::TestCase
|
|
|
95
113
|
assert_filters_hash(:parameters)
|
|
96
114
|
end
|
|
97
115
|
|
|
116
|
+
should "whitelist filter parameters" do
|
|
117
|
+
whitelist_filters = ["abc", :def]
|
|
118
|
+
original = { 'abc' => "123", 'def' => "456", 'ghi' => "789", 'nested' => { 'abc' => '100' },
|
|
119
|
+
'something_with_abc' => 'match the entire string'}
|
|
120
|
+
filtered = { 'abc' => "123",
|
|
121
|
+
'def' => "456",
|
|
122
|
+
'something_with_abc' => "[FILTERED]",
|
|
123
|
+
'ghi' => "[FILTERED]",
|
|
124
|
+
'nested' => "[FILTERED]" }
|
|
125
|
+
|
|
126
|
+
clean_params = clean(:whitelist_params_filters => whitelist_filters,
|
|
127
|
+
:parameters => original)
|
|
128
|
+
|
|
129
|
+
assert_equal(filtered,
|
|
130
|
+
clean_params.send(:parameters))
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
should "not filter everything if whitelist filters are empty" do
|
|
134
|
+
whitelist_filters = []
|
|
135
|
+
original = { 'abc' => '123' }
|
|
136
|
+
clean_params = clean(:whitelist_params_filters => whitelist_filters,
|
|
137
|
+
:parameters => original)
|
|
138
|
+
assert_equal(original, clean_params.send(:parameters))
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
should "not care if filters are defined in nested array" do
|
|
142
|
+
filters = [[/crazy/, :foo, ["bar", ["too"]]]]
|
|
143
|
+
original = {
|
|
144
|
+
'this_is_crazy' => 'yes_it_is',
|
|
145
|
+
'I_am_good' => 'yes_you_are',
|
|
146
|
+
'foo' => '1212',
|
|
147
|
+
'too' => '2121',
|
|
148
|
+
'bar' => 'secret'
|
|
149
|
+
}
|
|
150
|
+
filtered = {
|
|
151
|
+
'this_is_crazy' => '[FILTERED]',
|
|
152
|
+
'I_am_good' => 'yes_you_are',
|
|
153
|
+
'foo' => '[FILTERED]',
|
|
154
|
+
'too' => '[FILTERED]',
|
|
155
|
+
'bar' => '[FILTERED]'
|
|
156
|
+
}
|
|
157
|
+
clean_params = clean(:params_filters => filters,
|
|
158
|
+
:parameters => original)
|
|
159
|
+
assert_equal(filtered, clean_params.send(:parameters))
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
should "filter key if it is defined as blacklist and whitelist" do
|
|
163
|
+
original = { 'filter_me' => 'secret' }
|
|
164
|
+
filtered = { 'filter_me' => '[FILTERED]' }
|
|
165
|
+
clean_params = clean(:params_filters => [:filter_me],
|
|
166
|
+
:params_whitelist_filters => [:filter_me],
|
|
167
|
+
:parameters => original)
|
|
168
|
+
assert_equal(filtered, clean_params.send(:parameters))
|
|
169
|
+
end
|
|
170
|
+
|
|
98
171
|
should "filter cgi data" do
|
|
99
172
|
assert_filters_hash(:cgi_data)
|
|
100
173
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: airbrake
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Airbrake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-06-
|
|
11
|
+
date: 2015-06-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: builder
|
|
@@ -427,7 +427,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
427
427
|
version: '0'
|
|
428
428
|
requirements: []
|
|
429
429
|
rubyforge_project:
|
|
430
|
-
rubygems_version: 2.4.
|
|
430
|
+
rubygems_version: 2.4.8
|
|
431
431
|
signing_key:
|
|
432
432
|
specification_version: 4
|
|
433
433
|
summary: Send your application errors to our hosted service and reclaim your inbox.
|