infinum_graylog 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a9ebab5ef35a4fdfcd2e902c6e31cb1e6fe372bea0f8eefb149c378ebd711f1a
-  data.tar.gz: dc79d5fadab1d6e1714aabe92491816b669119ca0472c7c9e56749d02bb78e2e
+  metadata.gz: 49569ea1e932e8f9252b96592f7e934932311273f799e320be8caea2e25936cf
+  data.tar.gz: 5dac3718045d2ae7542a7285ae226e69cddf04b28e345e40e07dff3505029ee1
 SHA512:
-  metadata.gz: 4feea4563017feeced5471c1fe3efb55076c158f14deeb41d7997ce13d81f637486858996ea2a90abc32e7e0cdc75bc4a002b605ad4ce9a94bfc5a23d1bf5ad6
-  data.tar.gz: f616ace8c2e7023b40fa0f21795daae5c3e6d64a5b672a7d50cae242f075872a37b0937462736aca90fa30cb58034f615dbaa0e9dce3852fe87526e59c5d48f1
+  metadata.gz: fd5bad3f451ab0dafb635dfd58c0750197803b940360ce12db68b1517d761b0273fbdff351da8c196cb3da293f75bdaf116f92083656ef2e72e8de7a954fd78e
+  data.tar.gz: 14f9c4bf3f901aea6f492adc656cd07e13a3b5bd678c442cdec87375088874574d7a0149e8bbc0c89d60692bb98503d1c41eb34128f94eec1104a6fe2c3e86ff

data/lib/infinum_graylog.rb

@@ -1,5 +1,6 @@
 require 'gelf'
 require 'infinum_graylog/version'
+require 'infinum_graylog/cleaner'
 require 'infinum_graylog/configuration'
 require 'infinum_graylog/process_action_controller'
 require 'infinum_graylog/sql_active_record'

data/lib/infinum_graylog/cleaner.rb

@@ -0,0 +1,123 @@
+require 'uri'
+
+module InfinumGraylog
+  class Cleaner
+    ENCODING_OPTIONS = {:invalid => :replace, :undef => :replace}.freeze
+    FILTERED = '[FILTERED]'.freeze
+    RECURSION = '[RECURSION]'.freeze
+    OBJECT = '[OBJECT]'.freeze
+    RAISED = '[RAISED]'.freeze
+
+    def initialize(filters)
+      @filters = Array(filters)
+      @deep_filters = @filters.any? {|f| f.kind_of?(Regexp) && f.to_s.include?("\\.".freeze) }
+    end
+
+    def clean_object(obj)
+      traverse_object(obj, {}, nil)
+    end
+
+    def traverse_object(obj, seen, scope)
+      return nil if obj.nil?
+
+      # Protect against recursion of recursable items
+      protection = if obj.is_a?(Hash) || obj.is_a?(Array) || obj.is_a?(Set)
+        return seen[obj] if seen[obj]
+        seen[obj] = RECURSION
+      end
+
+      value = case obj
+      when Hash
+        clean_hash = {}
+        obj.each do |k,v|
+          if filters_match_deeply?(k, scope)
+            clean_hash[k] = FILTERED
+          else
+            clean_hash[k] = traverse_object(v, seen, [scope, k].compact.join('.'))
+          end
+        end
+        clean_hash
+      when Array, Set
+        obj.map { |el| traverse_object(el, seen, scope) }
+      when Numeric, TrueClass, FalseClass
+        obj
+      when String
+        clean_string(obj)
+      else
+        str = obj.to_s rescue RAISED
+        # avoid leaking potentially sensitive data from objects' #inspect output
+        if str =~ /#<.*>/
+          OBJECT
+        else
+          clean_string(str)
+        end
+      end
+
+      seen[obj] = value if protection
+      value
+    end
+
+    def clean_string(str)
+      if defined?(str.encoding) && defined?(Encoding::UTF_8)
+        if str.encoding == Encoding::UTF_8
+          str.valid_encoding? ? str : str.encode('utf-16', ENCODING_OPTIONS).encode('utf-8')
+        else
+          str.encode('utf-8', ENCODING_OPTIONS)
+        end
+      elsif defined?(Iconv)
+        Iconv.conv('UTF-8//IGNORE', 'UTF-8', str) || str
+      else
+        str
+      end
+    end
+
+    def self.clean_object_encoding(obj)
+      new(nil).clean_object(obj)
+    end
+
+    def clean_url(url)
+      return url if @filters.empty?
+
+      uri = URI(url)
+      return url unless uri.query
+
+      query_params = uri.query.split('&').map { |pair| pair.split('=') }
+      query_params.map! do |key, val|
+        if filters_match?(key)
+          "#{key}=#{FILTERED}"
+        else
+          "#{key}=#{val}"
+        end
+      end
+
+      uri.query = query_params.join('&')
+      uri.to_s
+    end
+
+    private
+
+    def filters_match?(key)
+      str = key.to_s
+
+      @filters.any? do |f|
+        case f
+        when Regexp
+          str.match(f)
+        else
+          str.include?(f.to_s)
+        end
+      end
+    end
+
+    # If someone has a Rails filter like /^stuff\.secret/, it won't match "request.params.stuff.secret",
+    # so we try it both with and without the "request.params." bit.
+    def filters_match_deeply?(key, scope)
+      return true if filters_match?(key)
+      return false unless @deep_filters
+
+      long = [scope, key].compact.join('.')
+      short = long.sub(/^request\.params\./, '')
+      filters_match?(long) || filters_match?(short)
+    end
+  end
+end

data/lib/infinum_graylog/process_action_controller.rb

@@ -15,8 +15,9 @@ module InfinumGraylog
         request_id: event.transaction_id,
         duration: event.duration,
         application: configuration.application,
-        status: event_status
-      }.reverse_merge(event.payload)
+        status: event_status,
+        headers: headers,
+      }.reverse_merge(cleaned_payload)
     end
 
     private
@@ -31,6 +32,29 @@ module InfinumGraylog
       ActionDispatch::ExceptionWrapper.status_code_for_exception(event.payload[:exception].first)
     end
 
+    def cleaned_payload
+      Cleaner.new(nil).clean_object(event.payload)
+    end
+
+    def headers
+      return nil unless event.payload[:headers]
+      headers = {}
+
+      event.payload[:headers].each_pair do |key, value|
+        if key.to_s.start_with?("HTTP_")
+          header_key = key[5..-1]
+        elsif ["CONTENT_TYPE", "CONTENT_LENGTH"].include?(key)
+          header_key = key
+        else
+          next
+        end
+
+        headers[header_key.split("_").map {|s| s.capitalize}.join("-")] = value
+      end
+
+      headers
+    end
+
     def configuration
       InfinumGraylog.configuration
     end

data/lib/infinum_graylog/version.rb

@@ -1,3 +1,3 @@
 module InfinumGraylog
-  VERSION = '0.3.0'
+  VERSION = '0.4.0'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: infinum_graylog
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Stjepan Hadjic
@@ -86,6 +86,7 @@ files:
 - bin/setup
 - infinum_graylog.gemspec
 - lib/infinum_graylog.rb
+- lib/infinum_graylog/cleaner.rb
 - lib/infinum_graylog/configuration.rb
 - lib/infinum_graylog/notifier.rb
 - lib/infinum_graylog/process_action_controller.rb