exception_no 0.0.5 → 0.0.6

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +8 -8
  2. data/CHANGELOG.md +6 -0
  3. data/lib/exception_no.rb +10 -5
  4. data/test/middleware.rb +54 -0
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- NDMwNTRkNzExMWNiOWQ0OGQ5NzFmYmJhYmM2MTBhNGYzMWZiZWZkMg==
4
+ NTc5YjE1YzBkNmYxMjg1ODM2NDAxMjQwNzdlODcxMmMxZDA2MWI1Zg==
5
5
  data.tar.gz: !binary |-
6
- NTY4YmJhNjUzZWU5YTJjMmUyODI5M2ZiMTVkYTZmOGJmNWE2MWIwNw==
6
+ ODNmYTNmOTBmYjYyMmIyZTE2MDc2NzhmYzBmNzk5ZDI2NTM3NzAyZg==
7
7
  !binary "U0hBNTEy":
8
8
  metadata.gz: !binary |-
9
- MDI3ZTY2NjhkYjk2NjU3ODZmNGNhNTMyNjczZDUwYWRiZDE1NmFmZjdhOWI4
10
- YWNjYmIzYjAyMGM5MzhmOTdkMWUyMGYyNGIwNjFlMzQxMWJlMTUxMzU1ZTYx
11
- NTU2YTc2NDY5NDBmNzAzN2I4M2RjNjlhYzA4YWY2MDUwODFkMzU=
9
+ OGRmOGQ2ZjI3MmYyNDdlMjUzOGJkZGE1MjBjMDcwN2Y0MTdhOWRjNzI5ZGIw
10
+ MDQ0ZDFhZGExMGUzOGJiZDQ4ZTI0MWI1NmJiMGUyNDBkZDc2ZDQyNzNhOTUy
11
+ YzZmZGFmMTNlZTgyMThiOTliY2UyODkwNTViNmE4M2I1NWQzMGQ=
12
12
  data.tar.gz: !binary |-
13
- M2RmMjc2ZjQyNjg1MzRlN2M0OTUyNDY1MTVjNjM2ODNjZjk4ZjNmNmZjNTU5
14
- NzFlYjU0ODNkZmY1NjNiMDVkYzdkNzkwZWVhYzBhMjdmNzY1Y2NhM2E0YjE2
15
- ZDkxMmZjMDgyOTFhYjY4MTAzNzM4NDYzZmYyYmFlMWY5NzBiYWI=
13
+ ZTMyZTllNjY0OGJiYzdmZmVkYzVjNzJkOTZkNzEwZTAxNTEyNDAzOWQwODVi
14
+ Zjk1NzIwNWIwZmM4Yzk3MDNjMTRhOWI1NWE4ODExYTM5YTFkZDc5NTBkY2Nj
15
+ MGI5ZWNlNGU4MDllYTIwYzFkYTU4NjIwMTAwNGM0ZGI3NzRkMTU=
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ 0.0.6 - 2014-09-11
2
+ ==================
3
+
4
+ * The middleware now accepts a `:sanitizer` proc that filters the environment
5
+ for sensitive parameters before notifying (e.g. credit card numbers).
6
+
1
7
  0.0.5 - 2014-09-10
2
8
  ==================
3
9
 
data/lib/exception_no.rb CHANGED
@@ -3,7 +3,7 @@ require "erb"
3
3
  require "pp"
4
4
 
5
5
  class ExceptionNo
6
- VERSION = "0.0.5"
6
+ VERSION = "0.0.6"
7
7
 
8
8
  attr_accessor :backtrace_filter
9
9
  attr_accessor :behaviors
@@ -66,9 +66,10 @@ class ExceptionNo
66
66
  EMAIL
67
67
 
68
68
  class Middleware
69
- def initialize(app, notifier)
69
+ def initialize(app, notifier, options = {})
70
70
  @app = app
71
71
  @notifier = notifier
72
+ @sanitizer = options.fetch(:sanitizer, -> _ { _ })
72
73
  end
73
74
 
74
75
  def call(env)
@@ -93,17 +94,21 @@ class ExceptionNo
93
94
  parts << "Cookie: #{req.env["HTTP_COOKIE"]}" if req.cookies.size > 0
94
95
 
95
96
  if req.form_data?
96
- body = req.POST.pretty_inspect
97
+ body = @sanitizer.call(req.POST).pretty_inspect
97
98
  else
98
99
  req.body.rewind
99
100
 
100
101
  body = req.body.read
101
102
 
102
- body = nil if body.empty?
103
+ if body.empty?
104
+ body = nil
105
+ else
106
+ body = @sanitizer.call(body)
107
+ end
103
108
  end
104
109
 
105
110
  if body
106
- parts << "Body: \n#{body.gsub(/^/, " ")}"
111
+ parts << "Body: \n\n#{body.gsub(/^/, " ")}"
107
112
  end
108
113
 
109
114
  parts
data/test/middleware.rb CHANGED
@@ -109,3 +109,57 @@ test "doesn't raise when the notification fails" do |app|
109
109
  end
110
110
  end
111
111
  end
112
+
113
+ test "allows for env sanitization before notifying" do
114
+ app = Rack::Builder.new do |builder|
115
+ builder.use ExceptionNo::Middleware,
116
+ ExceptionNo.new(
117
+ host: "127.0.0.1",
118
+ port: 2525,
119
+ to: "root@localhost",
120
+ from: "service@localhost",
121
+ ),
122
+ sanitizer: -> payload do
123
+ if payload.kind_of?(String)
124
+ payload.sub(/credit_card:(\d+)/, "credit_card:masked")
125
+ else
126
+ payload.merge("credit_card" => "masked")
127
+ end
128
+ end
129
+
130
+ builder.run(-> env { 1 / 0 })
131
+ end
132
+
133
+ env = Rack::MockRequest.env_for(
134
+ "/baz",
135
+ "REQUEST_METHOD" => "POST",
136
+ input: "foo=bar&credit_card=12345",
137
+ )
138
+
139
+ begin
140
+ app.call(env)
141
+ rescue ZeroDivisionError
142
+ end
143
+
144
+ headers, body = parse_email($smtp.outbox.pop[:data])
145
+
146
+ assert body.include?(%Q[ {"foo"=>"bar", "credit_card"=>"masked"}])
147
+ assert !body.include?("12345")
148
+
149
+ env = Rack::MockRequest.env_for(
150
+ "/baz",
151
+ "REQUEST_METHOD" => "POST",
152
+ "CONTENT_TYPE" => "text/plain; charset=utf-8",
153
+ input: "foo:bar, credit_card:12345",
154
+ )
155
+
156
+ begin
157
+ app.call(env)
158
+ rescue ZeroDivisionError
159
+ end
160
+
161
+ headers, body = parse_email($smtp.outbox.pop[:data])
162
+
163
+ assert body.include?(%Q[ foo:bar, credit_card:masked])
164
+ assert !body.include?("12345")
165
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: exception_no
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.5
4
+ version: 0.0.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Educabilia
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-09-10 00:00:00.000000000 Z
12
+ date: 2014-09-11 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: cutest