blouson 1.1.4 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a561df78a14ba07951254ce32982357a83a32eab60691ba688fe95a4049e1d77
4
- data.tar.gz: 53d9f65de40ed900cf5e3fbb4ac2525c74eb563695a1320dd5ae3b0d53b50b73
3
+ metadata.gz: 2b25599e819a53e78883ffd4e743eb30202e9e2fb3f8c7b040d89b538fae446f
4
+ data.tar.gz: 36685c9343cc6db285668bb8bfdd2d7d8ec29c15c621de8005551f6907ca0250
5
5
  SHA512:
6
- metadata.gz: aec465e833f9b260e8d2180ae9147accf15220d3431cf4975a50d73075c56975288d83c0b1245396a281ac492546b3aa36d2f43410ce016f9e770436e0d459aa
7
- data.tar.gz: 2ff71f692ae850d89b3a702480bbb4c13ce226c77984bd1092835a0b1cf55e4335e2d03d7f68857056909d2589a84e895c389a31eccd041437a46aaef640f2b6
6
+ metadata.gz: ade492f5a1994bfed0f02412d98c0e996baa827bcc65ac4256bda7f851e6814d6f9c017e13da5013d7e0c9821e83859f3870ad82d5f7c2d4ac59d0aac024d01f
7
+ data.tar.gz: 3e995584ca65d2498bdcff2d4c6c5bc8cd3d06beadc22569e808408af634577e4d94bd70c18f0613b458e1b6b1466e7807a18bc52aacbce573389a5e4372fe52
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ # 2.0.0 (2022-05-23)
2
+ - Support parameter filter for `sentry-ruby` gem
3
+ - [Breaking change] Drop dependency of `sentry-raven` gem
4
+
1
5
  # 1.1.4 (2022-05-02)
2
6
  - Fix ArgumentError on activerecord 7.0
3
7
 
data/README.md CHANGED
@@ -65,6 +65,28 @@ end
65
65
  Arproxy.enable!
66
66
  ```
67
67
 
68
+ ### SentryParameterFilter
69
+ Blouson provides an [sentry-ruby](https://github.com/getsentry/sentry-ruby) filter to conceal sensitive data from query string, request body, request headers and cookie values.
70
+
71
+ ```ruby
72
+ require 'sentry-ruby'
73
+ require 'blouson/sentry_parameter_filter'
74
+
75
+ Sentry.init do |config|
76
+ # Enable `send_default_pii` to send the filtered sensitive information.
77
+ config.send_default_pii = true
78
+
79
+ filter_pattern = Rails.application.config.filter_parameters
80
+ secure_headers = %w(secret_token)
81
+ filter = Blouson::SentryParameterFilter.new(filter_pattern, secure_headers)
82
+
83
+ config.before_send = lambda do |event, _hint|
84
+ filter.process(event.to_hash)
85
+ end
86
+ end
87
+
88
+ ```
89
+
68
90
  ### RavenParameterFilterProcessor
69
91
  Blouson provides an [Raven-Ruby](https://github.com/getsentry/raven-ruby) processor to conceal sensitive data from query string, request body, request headers and cookie values.
70
92
 
@@ -81,6 +103,7 @@ Raven.configure do |config|
81
103
  end
82
104
  ```
83
105
 
106
+
84
107
  ### SensitiveMailLogFilter
85
108
  ActionMailer outputs email address, all headers, and body text to the log when sending email.
86
109
 
data/blouson.gemspec CHANGED
@@ -22,11 +22,12 @@ Gem::Specification.new do |spec|
22
22
  spec.require_paths = ["lib"]
23
23
 
24
24
  spec.add_dependency 'rails', '>= 4.0.0'
25
- spec.add_dependency 'sentry-raven'
26
25
 
27
26
  spec.add_development_dependency 'arproxy'
28
27
  spec.add_development_dependency 'mysql2'
29
28
  spec.add_development_dependency 'pry'
29
+ spec.add_development_dependency 'sentry-raven'
30
+ spec.add_development_dependency 'sentry-ruby'
30
31
 
31
32
  spec.add_development_dependency 'appraisal'
32
33
  spec.add_development_dependency "bundler", ">= 1.14"
@@ -0,0 +1,76 @@
1
+ module Blouson
2
+ class SentryParameterFilter
3
+ def initialize(filters, header_filters = [])
4
+ # ActionDispatch::Http::ParameterFilter is deprecated and will be removed from Rails 6.1.
5
+ parameter_filter_klass = if defined?(ActiveSupport::ParameterFilter)
6
+ ActiveSupport::ParameterFilter
7
+ else
8
+ ActionDispatch::Http::ParameterFilter
9
+ end
10
+ @parameter_filter = parameter_filter_klass.new(filters)
11
+ @header_filters = header_filters.map(&:downcase)
12
+ end
13
+
14
+ def process(event)
15
+ process_query_string(event)
16
+ process_request_body(event)
17
+ process_request_header(event)
18
+ process_cookie(event)
19
+ ensure
20
+ return event
21
+ end
22
+
23
+ private
24
+
25
+ def process_request_body(event)
26
+ if event[:request] && event[:request][:data].present?
27
+ data = event[:request][:data]
28
+ if data.is_a?(String)
29
+ # Maybe JSON request
30
+ begin
31
+ data = JSON.parse(data)
32
+ event[:request][:data] = JSON.dump(@parameter_filter.filter(data))
33
+ rescue JSON::ParserError => e
34
+ # Record parser error to extra field
35
+ event[:extra]['BlousonError'] = e.message
36
+ end
37
+ else
38
+ event[:request][:data] = @parameter_filter.filter(data)
39
+ end
40
+ end
41
+ end
42
+
43
+ def process_query_string(event)
44
+ if event[:request] && event[:request][:query_string].present?
45
+ query = Rack::Utils.parse_query(event[:request][:query_string])
46
+ filtered = @parameter_filter.filter(query)
47
+
48
+ event[:request][:query_string] = Rack::Utils.build_query(filtered)
49
+ end
50
+ end
51
+
52
+ def process_request_header(event)
53
+ if event[:request] && event[:request][:headers]
54
+ headers = event[:request][:headers]
55
+ headers.each_key do |k|
56
+ if @header_filters.include?(k.downcase)
57
+ headers[k] = 'FILTERED'
58
+ end
59
+ end
60
+ end
61
+ end
62
+
63
+ def process_cookie(event)
64
+ if (cookies = event.dig(:request, :cookies))
65
+ event[:request][:cookies] = @parameter_filter.filter(cookies)
66
+ end
67
+
68
+ if event[:request] && event[:request][:headers] && event[:request][:headers]['Cookie']
69
+ cookies = Hash[event[:request][:headers]['Cookie'].split('; ').map { |pair| pair.split('=', 2) }]
70
+ filtered = @parameter_filter.filter(cookies)
71
+
72
+ event[:request][:headers]['Cookie'] = filtered.map { |pair| pair.join('=') }.join('; ')
73
+ end
74
+ end
75
+ end
76
+ end
@@ -1,3 +1,3 @@
1
1
  module Blouson
2
- VERSION = "1.1.4"
2
+ VERSION = "2.0.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: blouson
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.4
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Cookpad Inc.
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-05-02 00:00:00.000000000 Z
11
+ date: 2022-05-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -25,13 +25,13 @@ dependencies:
25
25
  - !ruby/object:Gem::Version
26
26
  version: 4.0.0
27
27
  - !ruby/object:Gem::Dependency
28
- name: sentry-raven
28
+ name: arproxy
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0'
34
- type: :runtime
34
+ type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
@@ -39,7 +39,7 @@ dependencies:
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
- name: arproxy
42
+ name: mysql2
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - ">="
@@ -53,7 +53,7 @@ dependencies:
53
53
  - !ruby/object:Gem::Version
54
54
  version: '0'
55
55
  - !ruby/object:Gem::Dependency
56
- name: mysql2
56
+ name: pry
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
59
  - - ">="
@@ -67,7 +67,21 @@ dependencies:
67
67
  - !ruby/object:Gem::Version
68
68
  version: '0'
69
69
  - !ruby/object:Gem::Dependency
70
- name: pry
70
+ name: sentry-raven
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: sentry-ruby
71
85
  requirement: !ruby/object:Gem::Requirement
72
86
  requirements:
73
87
  - - ">="
@@ -168,6 +182,7 @@ files:
168
182
  - lib/blouson/sensitive_params_silener.rb
169
183
  - lib/blouson/sensitive_query_filter.rb
170
184
  - lib/blouson/sensitive_table_query_log_silencer.rb
185
+ - lib/blouson/sentry_parameter_filter.rb
171
186
  - lib/blouson/tolerant_regexp.rb
172
187
  - lib/blouson/version.rb
173
188
  homepage: https://github.com/cookpad/blouson
@@ -189,7 +204,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
189
204
  - !ruby/object:Gem::Version
190
205
  version: '0'
191
206
  requirements: []
192
- rubygems_version: 3.3.8
207
+ rubygems_version: 3.2.32
193
208
  signing_key:
194
209
  specification_version: 4
195
210
  summary: Filter tools to mask sensitive data in various logs