fluent-plugin-nginx-nap-decode 0.4.6 → 0.4.62

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +0 -1
  3. data/fluent-plugin-nginx-nap-decode-0.4.61.gem +0 -0
  4. data/fluent-plugin-nginx-nap-decode.gemspec +1 -1
  5. data/lib/fluent/plugin/filter_nginx_nap_decode.rb +16 -17
  6. data/publish.md +10 -0
  7. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '010867c0eee3e9fc2ef76c6d84050864f527321c7c84db81394d3fdd3eab17f8'
4
- data.tar.gz: 76203ad83b452ef1b9244fda0d0994da2f7b5328065badb05873e3da4b144123
3
+ metadata.gz: 78dd10b00c95b69c2be928379375e58d3fe2d22ecd46f7a5888aacb52838b80c
4
+ data.tar.gz: 4af755f766e3e1236577cbfac90f2d6c5d4e05e0333b631c4ff749ead2fdcca4
5
5
  SHA512:
6
- metadata.gz: dbacb374827831eda39ab2fbfa72289cc416b9c0506fc1d3a42011f521e938c27dfe279e801b156b4abcfdacc06990cc5c1ef67f6caf088bdd35f6ad5fc3eb23
7
- data.tar.gz: 41790deea3e148c03d6cd8b766a18b047d2b43613cdfa6dc10a5f93b48c464a235c93ee52af75d1060f4f99f1cbb033171bad84ced6101c974e4de4d67047318
6
+ metadata.gz: 75bc5016755b053f3b07310a7294d09cb6a2bbc0d42b96ef92be64bff0a3f938599e493662d68946ea69cd856ef3be40e3b20ff51951f1ff7983e6a1db4246ee
7
+ data.tar.gz: d3b2acb0cf664e577d46aae0a4ef17f50c3ab712ec4f6803b2878335c8ebe59f767b7b7286e990590c2c2ead010685b92a5c48c10c4eaa9bd2c33c072a9d4bba
data/.gitignore CHANGED
@@ -1,3 +1,2 @@
1
1
  Gemfile.lock
2
2
  .gem
3
- .txt
data/fluent-plugin-nginx-nap-decode.gemspec CHANGED
@@ -3,7 +3,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
3
 
4
4
  Gem::Specification.new do |spec|
5
5
  spec.name = "fluent-plugin-nginx-nap-decode"
6
- spec.version = "0.4.6"
6
+ spec.version = "0.4.62"
7
7
  spec.authors = ["Kostas Skenderidis"]
8
8
  spec.email = ["skenderidis@gmail.com"]
9
9
 
data/lib/fluent/plugin/filter_nginx_nap_decode.rb CHANGED
@@ -34,78 +34,77 @@ module Fluent
34
34
 
35
35
  if record['violations']['policyEntity'].has_key?('cookies')
36
36
  record['violations']['context']='cookies'
37
- record['violations']['snippet']['buffer-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['snippet']['buffer'])) #base64 decode
38
- record['violations']['observedEntity']['value-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['value'])) #base64 decode
37
+ record['violations']['snippet']['buffer-decode']=Base64.decode64(record['violations']['snippet']['buffer']) #base64 decode
38
+ record['violations']['observedEntity']['value-decode']=Base64.decode64(record['violations']['observedEntity']['value']) #base64 decode
39
39
  # If header is explicit then the NAP does NOT provide the "observedEntity". This
40
40
  # This creates a problem with reporting later on, so we added the record "name"
41
41
  # Notes: Why is parameters an array!!
42
42
  if record['violations']['policyEntity']['cookies'][0]['type']=="wildcard"
43
- record['violations']['observedEntity']['name-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['name'])) #base64 decode
43
+ record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
44
44
  else
45
45
  record['violations']['observedEntity']['name-decode']=record['violations']['policyEntity']['cookies'][0]['name']
46
46
  end
47
47
  end
48
48
  if record['violations']['policyEntity'].has_key?('headers')
49
49
  record['violations']['context']='headers'
50
- record['violations']['snippet']['buffer-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['snippet']['buffer'])) #base64 decode
51
- record['violations']['observedEntity']['value-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['value'])) #base64 decode
50
+ record['violations']['snippet']['buffer-decode']=Base64.decode64(record['violations']['snippet']['buffer']) #base64 decode
51
+ record['violations']['observedEntity']['value-decode']=Base64.decode64(record['violations']['observedEntity']['value']) #base64 decode
52
52
  # If header is explicit then the NAP does NOT provide the "observedEntity". This
53
53
  # This creates a problem with reporting later on, so we added the record "name"
54
54
  # Notes: Why is parameters an array!!
55
55
  if record['violations']['policyEntity']['headers'][0]['type']=="wildcard"
56
- record['violations']['observedEntity']['name-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['name'])) #base64 decode
56
+ record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
57
57
  else
58
58
  record['violations']['observedEntity']['name-decode']=record['violations']['policyEntity']['headers'][0]['name']
59
59
  end
60
60
  end
61
61
  if record['violations']['policyEntity'].has_key?('parameters')
62
62
  record['violations']['context']='parameters'
63
- record['violations']['snippet']['buffer-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['snippet']['buffer'])) #base64 decode
64
- record['violations']['observedEntity']['value-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['value'])) #base64 decode
63
+ record['violations']['snippet']['buffer-decode']=Base64.decode64(record['violations']['snippet']['buffer']) #base64 decode
64
+ record['violations']['observedEntity']['value-decode']=Base64.decode64(record['violations']['observedEntity']['value']) #base64 decode
65
65
  # If parameter is explicit then the NAP does NOT provide the "observedEntity". This
66
66
  # This creates a problem with reporting later on, so we added the record "name"
67
67
  # Notes: Why is parameters an array!!
68
68
  if record['violations']['policyEntity']['parameters'][0]['type']=="wildcard"
69
- record['violations']['observedEntity']['name-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['name'])) #base64 decode
69
+ record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
70
70
  else
71
71
  record['violations']['observedEntity']['name-decode']=record['violations']['policyEntity']['parameters'][0]['name']
72
72
  end
73
73
  end
74
74
  if record['violations']['policyEntity'].has_key?('urls')
75
75
  record['violations']['context']='urls'
76
- record['violations']['snippet']['buffer-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['snippet']['buffer'])) #base64 decode
77
- record['violations']['observedEntity']['name-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['name'])) #base64 decode
76
+ record['violations']['snippet']['buffer-decode']=Base64.decode64(record['violations']['snippet']['buffer']) #base64 decode
77
+ record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
78
78
  end
79
79
  else
80
80
  record['violations']['context']='request'
81
- record['violations']['snippet']['buffer-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['snippet']['buffer'])) #base64 decode
81
+ record['violations']['snippet']['buffer-decode']=Base64.decode64(record['violations']['snippet']['buffer']) #base64 decode
82
82
  end
83
83
 
84
84
 
85
85
  when 'VIOL_COOKIE_LENGTH', 'VIOL_HEADER_LENGTH', 'VIOL_URL_METACHAR'
86
- record['violations']['observedEntity']['name-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['name'])) #base64 decode
86
+ record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
87
87
 
88
88
  when 'VIOL_PARAMETER_VALUE_METACHAR', 'VIOL_PARAMETER_DATA_TYPE', 'VIOL_PARAMETER_EMPTY_VALUE', 'VIOL_PARAMETER_NUMERIC_VALUE', 'VIOL_PARAMETER_VALUE_LENGTH'
89
- record['violations']['observedEntity']['value-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['value'])) #base64 decode
89
+ record['violations']['observedEntity']['value-decode']=Base64.decode64(record['violations']['observedEntity']['value']) #base64 decode
90
90
  # If parameter is explicit then the NAP does NOT provide the "observedEntity".
91
91
  # For consistency we create the observedEntity.value
92
92
  # This creates a problem with reporting later on, so we added the record "name"
93
93
  # Notes: Why is parameters an array!!
94
94
  if record['violations']['policyEntity']['parameters'][0]['type']=="wildcard"
95
- record['violations']['observedEntity']['name-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['name'])) #base64 decode
95
+ record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
96
96
  else
97
97
  record['violations']['observedEntity']['name-decode']=record['violations']['policyEntity']['parameters'][0]['name']
98
98
  end
99
99
 
100
100
 
101
101
  when 'VIOL_URL_LENGTH', 'VIOL_POST_DATA_LENGTH', 'VIOL_QUERY_STRING_LENGTH', 'VIOL_REQUEST_LENGTH'
102
- record['violations']['observedEntity']['value-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['value'])) #base64 decode
103
102
  # If filetype is explicit then the NAP does NOT provide the "observedEntity".
104
103
  # For consistency we create the observedEntity.value
105
104
  # This creates a problem with reporting later on, so we added the record "name"
106
105
  # Notes: Why is filetypes an array!!
107
106
  if record['violations']['policyEntity']['filetypes'][0]['type']=="wildcard"
108
- record['violations']['observedEntity']['name-decode']=URI.encode_www_form_component(Base64.decode64(record['violations']['observedEntity']['name'])) #base64 decode
107
+ record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
109
108
  else
110
109
  record['violations']['observedEntity']['name-decode']=record['violations']['policyEntity']['filetypes'][0]['name']
111
110
  end
data/publish.md ADDED
@@ -0,0 +1,10 @@
1
+ 1. First build the GEM
2
+ ```
3
+ gem build fluent-plugin-nginx-nap-decode.gemspec
4
+ ```
5
+
6
+ 2. Push to rubygems
7
+ ```
8
+ gem push fluent-plugin-nginx-nap-decode-0.X.X.gem
9
+ ```
10
+
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-nginx-nap-decode
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.6
4
+ version: 0.4.62
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kostas Skenderidis
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-10-20 00:00:00.000000000 Z
11
+ date: 2023-11-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: fluentd
@@ -42,8 +42,10 @@ files:
42
42
  - LICENSE
43
43
  - README.md
44
44
  - Rakefile
45
+ - fluent-plugin-nginx-nap-decode-0.4.61.gem
45
46
  - fluent-plugin-nginx-nap-decode.gemspec
46
47
  - lib/fluent/plugin/filter_nginx_nap_decode.rb
48
+ - publish.md
47
49
  - test/helper.rb
48
50
  - test/plugin/test_filter_nginx_nap_decode.rb
49
51
  homepage: https://github.com/skenderidis/fluent-plugin-nginx-nap-decode