blouson 1.1.4 → 2.0.0

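--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: a561df78a14ba07951254ce32982357a83a32eab60691ba688fe95a4049e1d77
- data.tar.gz: 53d9f65de40ed900cf5e3fbb4ac2525c74eb563695a1320dd5ae3b0d53b50b73
+ metadata.gz: 2b25599e819a53e78883ffd4e743eb30202e9e2fb3f8c7b040d89b538fae446f
+ data.tar.gz: 36685c9343cc6db285668bb8bfdd2d7d8ec29c15c621de8005551f6907ca0250
  SHA512:
- metadata.gz: aec465e833f9b260e8d2180ae9147accf15220d3431cf4975a50d73075c56975288d83c0b1245396a281ac492546b3aa36d2f43410ce016f9e770436e0d459aa
- data.tar.gz: 2ff71f692ae850d89b3a702480bbb4c13ce226c77984bd1092835a0b1cf55e4335e2d03d7f68857056909d2589a84e895c389a31eccd041437a46aaef640f2b6
+ metadata.gz: ade492f5a1994bfed0f02412d98c0e996baa827bcc65ac4256bda7f851e6814d6f9c017e13da5013d7e0c9821e83859f3870ad82d5f7c2d4ac59d0aac024d01f
+ data.tar.gz: 3e995584ca65d2498bdcff2d4c6c5bc8cd3d06beadc22569e808408af634577e4d94bd70c18f0613b458e1b6b1466e7807a18bc52aacbce573389a5e4372fe52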
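--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,7 @@
+ # 2.0.0 (2022-05-23)
+ - Support parameter filter for `sentry-ruby` gem
+ - [Breaking change] Drop dependency of `sentry-raven` gem
+
  # 1.1.4 (2022-05-02)
  - Fix ArgumentError on activerecord 7.0
 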
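--- a/data/README.md
+++ b/data/README.md
@@ -65,6 +65,28 @@ end
  Arproxy.enable!
  ```
 
+ ### SentryParameterFilter
+ Blouson provides an [sentry-ruby](https://github.com/getsentry/sentry-ruby) filter to conceal sensitive data from query string, request body, request headers and cookie values.
+
+ ```ruby
+ require 'sentry-ruby'
+ require 'blouson/sentry_parameter_filter'
+
+ Sentry.init do |config|
+ # Enable `send_default_pii` to send the filtered sensitive information.
+ config.send_default_pii = true
+
+ filter_pattern = Rails.application.config.filter_parameters
+ secure_headers = %w(secret_token)
+ filter = Blouson::SentryParameterFilter.new(filter_pattern, secure_headers)
+
+ config.before_send = lambda do |event, _hint|
+ filter.process(event.to_hash)
+ end
+ end
+
+ ```
+
  ### RavenParameterFilterProcessor
  Blouson provides an [Raven-Ruby](https://github.com/getsentry/raven-ruby) processor to conceal sensitive data from query string, request body, request headers and cookie values.
 
@@ -81,6 +103,7 @@ Raven.configure do |config|
  end
  ```
 
+
  ### SensitiveMailLogFilter
  ActionMailer outputs email address, all headers, and body text to the log when sending email.
 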
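--- a/data/blouson.gemspec
+++ b/data/blouson.gemspec
@@ -22,11 +22,12 @@ Gem::Specification.new do |spec|
  spec.require_paths = ["lib"]
 
  spec.add_dependency 'rails', '>= 4.0.0'
- spec.add_dependency 'sentry-raven'
 
  spec.add_development_dependency 'arproxy'
  spec.add_development_dependency 'mysql2'
  spec.add_development_dependency 'pry'
+ spec.add_development_dependency 'sentry-raven'
+ spec.add_development_dependency 'sentry-ruby'
 
  spec.add_development_dependency 'appraisal'
  spec.add_development_dependency "bundler", ">= 1.14"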
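Review bot: Moving `sentry-raven` from `add_dependency` to `add_development_dependency` leaves the Raven processor, which the README still documents, without a declared runtime dependency. Whether the gem's entry file still loads that processor is not visible in this diff. If it does, an application that installs only `sentry-ruby` would fail at require time, so the Raven file should be loaded only on an explicit `require`, the way the README does for `blouson/sentry_parameter_filter`.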
@@ -0,0 +1,76 @@
1
+ module Blouson
2
+ class SentryParameterFilter
3
+ def initialize(filters, header_filters = [])
4
+ # ActionDispatch::Http::ParameterFilter is deprecated and will be removed from Rails 6.1.
5
+ parameter_filter_klass = if defined?(ActiveSupport::ParameterFilter)
6
+ ActiveSupport::ParameterFilter
7
+ else
8
+ ActionDispatch::Http::ParameterFilter
9
+ end
10
+ @parameter_filter = parameter_filter_klass.new(filters)
11
+ @header_filters = header_filters.map(&:downcase)
12
+ end
13
+
14
+ def process(event)
15
+ process_query_string(event)
16
+ process_request_body(event)
17
+ process_request_header(event)
18
+ process_cookie(event)
19
+ ensure
20
+ return event
21
+ end
22
+
23
+ private
24
+
25
+ def process_request_body(event)
26
+ if event[:request] && event[:request][:data].present?
27
+ data = event[:request][:data]
28
+ if data.is_a?(String)
29
+ # Maybe JSON request
30
+ begin
31
+ data = JSON.parse(data)
32
+ event[:request][:data] = JSON.dump(@parameter_filter.filter(data))
33
+ rescue JSON::ParserError => e
34
+ # Record parser error to extra field
35
+ event[:extra]['BlousonError'] = e.message
36
+ end
37
+ else
38
+ event[:request][:data] = @parameter_filter.filter(data)
39
+ end
40
+ end
41
+ end
42
+
43
+ def process_query_string(event)
44
+ if event[:request] && event[:request][:query_string].present?
45
+ query = Rack::Utils.parse_query(event[:request][:query_string])
46
+ filtered = @parameter_filter.filter(query)
47
+
48
+ event[:request][:query_string] = Rack::Utils.build_query(filtered)
49
+ end
50
+ end
51
+
52
+ def process_request_header(event)
53
+ if event[:request] && event[:request][:headers]
54
+ headers = event[:request][:headers]
55
+ headers.each_key do |k|
56
+ if @header_filters.include?(k.downcase)
57
+ headers[k] = 'FILTERED'
58
+ end
59
+ end
60
+ end
61
+ end
62
+
63
+ def process_cookie(event)
64
+ if (cookies = event.dig(:request, :cookies))
65
+ event[:request][:cookies] = @parameter_filter.filter(cookies)
66
+ end
67
+
68
+ if event[:request] && event[:request][:headers] && event[:request][:headers]['Cookie']
69
+ cookies = Hash[event[:request][:headers]['Cookie'].split('; ').map { |pair| pair.split('=', 2) }]
70
+ filtered = @parameter_filter.filter(cookies)
71
+
72
+ event[:request][:headers]['Cookie'] = filtered.map { |pair| pair.join('=') }.join('; ')
73
+ end
74
+ end
75
+ end
76
+ end
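Review bot: `process` ends with `ensure return event`, which discards any exception raised by the four `process_*` steps and still hands the event back, so a failure in an early step leaves the later fields unfiltered. For example, `event[:extra]['BlousonError'] = e.message` in `process_request_body` raises when `event[:extra]` is nil, after which header and cookie filtering never run and the unparsed body stays in `event[:request][:data]`. With `send_default_pii` enabled as the README shows, that event would then be sent as it stands. I would fail closed instead, rescuing `StandardError` and dropping `event[:request]` before returning, as sketched below; the `JSON::ParserError` message may also echo part of the raw body, so a fixed string is safer in that rescue.

```ruby
def process(event)
  # … unchanged: the four process_* calls …
  event
rescue StandardError
  # Fail closed: a filter step that raised may have left secrets in place,
  # so drop the request section rather than forward it unfiltered.
  event.delete(:request)
  event
end
```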
@@ -1,3 +1,3 @@
1
1
  module Blouson
2
- VERSION = "1.1.4"
2
+ VERSION = "2.0.0"
3
3
  end
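--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: blouson
  version: !ruby/object:Gem::Version
- version: 1.1.4
+ version: 2.0.0
  platform: ruby
  authors:
  - Cookpad Inc.
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2022-05-02 00:00:00.000000000 Z
+ date: 2022-05-23 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -25,13 +25,13 @@ dependencies:
  - !ruby/object:Gem::Version
  version: 4.0.0
  - !ruby/object:Gem::Dependency
- name: sentry-raven
+ name: arproxy
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
- type: :runtime
+ type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
@@ -39,7 +39,7 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: arproxy
+ name: mysql2
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -53,7 +53,7 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: mysql2
+ name: pry
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -67,7 +67,21 @@ dependencies:
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
- name: pry
+ name: sentry-raven
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: sentry-ruby
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -168,6 +182,7 @@ files:
  - lib/blouson/sensitive_params_silener.rb
  - lib/blouson/sensitive_query_filter.rb
  - lib/blouson/sensitive_table_query_log_silencer.rb
+ - lib/blouson/sentry_parameter_filter.rb
  - lib/blouson/tolerant_regexp.rb
  - lib/blouson/version.rb
  homepage: https://github.com/cookpad/blouson
@@ -189,7 +204,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.3.8
+ rubygems_version: 3.2.32
  signing_key:
  specification_version: 4
  summary: Filter tools to mask sensitive data in various logs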