immunio 1.0.2 → 1.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bfccbfc5c7719eb52d20d25f321e69a8237bea4a
-  data.tar.gz: de0e2240f7c958e8dc22f3bc859d53b758d54b8e
+  metadata.gz: 32e3badd0b140fd2fe05d77ecc5c64ab1f5ca5e0
+  data.tar.gz: 8b66b7f499e9106c8b94fe9e0dbdab2433fe9a7c
 SHA512:
-  metadata.gz: 9af162bbf91d49c20f126ce69d4fc4b8ef220880f3d2ac7dfc15e035b2e386c5ab290896161877eccef97edf460b3d2b3b4afc8fb5997d65da93061b6b88edf1
-  data.tar.gz: 21de7b2342ad41dbb9be6ef89fad8991eb0e04c4598c064806538a5d665936746ca40255eba4e40ef6543b1fad857dde79e7e11d43bd9e66507733fc5ae76cf3
+  metadata.gz: ed9e737272bbe584ab6435958543a2fff0f854a3c635857eab74d8cf3e9800a4250dba38773fa16e76835451607b20717332b8c92d6fed9ef376ab62bbf147ed
+  data.tar.gz: 73e02e430bc5047e830807887ec4959ac030ace837e8af3ed31ea482fae5709703801dc37c6a784766051649a7a32f2ec3b609be9e4d31b777cce7a1a788c191

data/lib/immunio/plugins/action_view.rb

@@ -4,6 +4,20 @@ require 'securerandom'
 module Immunio
   # Renders templates by filtering them through Immunio's hook handlers.
   class Template
+    CHECKSUM_CACHE = Hash.new do |cache, template_id|
+      template = ObjectSpace._id2ref(template_id)
+
+      if template.respond_to?(:source) && !template.source.nil?
+        finalizer = Immunio::Template.finalize_template(template_id)
+        ObjectSpace.define_finalizer(template, finalizer)
+        cache[template_id] = Digest::SHA1.hexdigest(template.source).freeze
+      end
+    end
+
+    def self.finalize_template(id)
+      proc { CHECKSUM_CACHE.delete(id) if CHECKSUM_CACHE.has_key?(id) }
+    end
+
     attr_accessor :vars
 
     def initialize(template)
@@ -52,10 +66,7 @@ module Immunio
     end
 
     def template_sha
-      # A template might have a source but it might be nil.
-      @template_sha ||= begin
-        Digest::SHA1.hexdigest(@template.source) if has_source?
-      end
+      CHECKSUM_CACHE[@template.object_id]
     end
 
     def compiled?
@@ -82,7 +93,7 @@ module Immunio
       @nonce ||= SecureRandom.hex(2)
     end
 
-    def mark_var(content, code, template_id, file, line, escape)
+    def self.mark_var(content, code, template_id, template_sha, file, line, escape, is_text, handler)
       id = Template.next_var_id
       nonce = Template.get_nonce
 
@@ -91,7 +102,7 @@ module Immunio
       # escaping if content is not itself a SafeBuffer.
       # Otherwise we explicitly convert to a string, and convert that to a SafeBuffer to ensure that
       # for instance no escaping is performed on the contents of a <%== %> Erubis interpolation.
-      rendering = if escape && !is_text?
+      rendering = if escape && !is_text
 
         # explicitly convert (w/ escapes) and mark safe things that aren't String (SafeBuffer is_a String also)
         # `to_s` is used to render any object passed to a template.
@@ -129,7 +140,7 @@ module Immunio
         template_sha: template_sha,
         template_id: template_id.to_s,
         nonce: nonce,
-        code: wrap_code(code, escape: escape),
+        code: wrap_code(code, handler, escape: escape),
         file: file,
         line: line
       }
@@ -196,13 +207,21 @@ module Immunio
       template = Template.current
       if template
         template_id = template.next_template_id
-        "(__immunio_result = (#{code}); Immunio::Template.render_var(#{code.strip.inspect}, __immunio_result, #{template_id}, __FILE__, __LINE__, #{escape}))"
+
+        handler = template.instance_variable_get(:@template).handler
+        handler_name = if handler.is_a? Class
+          handler.name
+        else
+          handler.class.name
+        end
+
+        "(__immunio_result = (#{code}); Immunio::Template.render_var(#{code.strip.inspect}, __immunio_result, #{template_id}, '#{template.template_sha}', __FILE__, __LINE__, #{escape}, #{template.is_text?}, '#{handler_name}'))"
       else
         code
       end
     end
 
-    def self.render_var(code, rendered, template_id, file, line, escape)
+    def self.render_var(code, rendered, template_id, template_sha, file, line, escape, is_text, handler)
       if rendered.instance_variable_get("@__immunio_processed") then
         # Ignore buffers marked as __immunio_processed in render as these are full templates or partials
         return rendered
@@ -210,10 +229,7 @@ module Immunio
         # Ignore yielded blocks inside layouts
         return rendered
       end
-      template = Template.current
-      if template
-        rendered = template.mark_var rendered, code, template_id, file, line, escape
-      end
+      rendered = mark_var rendered, code, template_id, template_sha, file, line, escape, is_text, handler
       rendered.html_safe
     end
 
@@ -244,12 +260,12 @@ module Immunio
         Thread.current["immunio.rendering_stack"] ||= []
       end
 
-      def wrap_code(code, options = {})
+      def self.wrap_code(code, handler, options = {})
         case
-        when @template.handler.is_a?(ActionView::Template::Handlers::ERB)
+        when handler == 'ActionView::Template::Handlers::ERB'
           modifier = options[:escape] ? '=' : '=='
           "<%#{modifier} #{code} %>"
-        when defined?(Haml::Plugin) && @template.handler == Haml::Plugin
+        when handler == 'Haml::Plugin'
           modifier = options[:escape] ? '=' : '!='
           "#{modifier} #{code}"
         end

data/lib/immunio/version.rb

@@ -1,5 +1,5 @@
 module Immunio
   AGENT_TYPE = "agent-ruby"
-  VERSION = "1.0.2"
+  VERSION = "1.0.3"
   VM_VERSION = "2.2.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: immunio
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.0.3
 platform: ruby
 authors:
 - Immunio
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-16 00:00:00.000000000 Z
+date: 2015-10-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails