non_printable_sanitization 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5b7a8ede4f20506b182ffd0ea4e644696b3d0af2
+  data.tar.gz: ad10a975b8373a270120f0e4fbf4028ef0b7d1ea
+SHA512:
+  metadata.gz: b82f3b091d69cac60f1076dbead447e4f914b4417500e87ef6b3ada62f844ab2226efc3aaf7383b4a1d1a372210c522252d9441a2fcaad8ad3f1929617c19d6a
+  data.tar.gz: 951ae6790bd61be9992980e59c96391b8fe730850ffca7da152db197aa1c26912ef7802a41a5e1c65948450e36f156cfe35f22818573d14b0e1a842908486c28

data/.gitignore

@@ -0,0 +1,19 @@
+*.gem
+*.rbc
+*.ruby-*
+*.swp
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in non_printable_sanitization.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Brandon Dewitt
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# NonPrintableSanitization
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'non_printable_sanitization'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install non_printable_sanitization
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,10 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+desc "Run specs"
+RSpec::Core::RakeTask.new(:spec)
+
+desc "Run specs (default)"
+task :default => :spec
+
+Dir["lib/tasks/**/*.rake"].each { |ext| load ext } if defined?(Rake)

data/lib/non_printable_sanitization.rb

@@ -0,0 +1,43 @@
+require 'rack'
+require 'rack/request'
+require 'stringio'
+require "non_printable_sanitization/version"
+
+class NonPrintableSanitization
+  def initialize(app, options = {})
+    @app = app
+    @options = options
+  end
+
+  def call(env)
+    request = ::Rack::Request.new(env)
+
+    if request.content_length.to_i > 0 # check we even have data
+      if !request.get? && !request.delete? # make sure it's not a GET/DELETE request
+        unless request_is_file_upload?(env) # make sure we don't want binary data
+          remove_non_printable_characters!(env)
+        end
+      end
+    end
+
+    @app.call(env)
+  end
+
+  private
+
+  def remove_non_printable_characters!(env)
+    input = env["rack.input"].read
+    
+    if input && input.size > 0
+      input.gsub!(/[^[:print:]]/, "")
+      env["rack.input"] = StringIO.new(input)
+    end
+  ensure
+    env["rack.input"].rewind
+  end
+
+  def request_is_file_upload?(env)
+    content_type = env["CONTENT_TYPE"] || "none"
+    content_type.downcase.include?("form-data")
+  end
+end

data/lib/non_printable_sanitization/version.rb

@@ -0,0 +1,3 @@
+class NonPrintableSanitization
+  VERSION = "0.0.1"
+end

data/non_printable_sanitization.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'non_printable_sanitization/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "non_printable_sanitization"
+  gem.version       = NonPrintableSanitization::VERSION
+  gem.authors       = ["Brandon Dewitt"]
+  gem.email         = ["brandonsdewitt+nonprintablesanitization@gmail.com"]
+  gem.description   = %q{ Rack middleware that filters non-printable characters from input }
+  gem.summary       = %q{ Rack middleware that filters non-printable characters from input }
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency 'rack'
+
+  gem.add_development_dependency "bundler"
+  gem.add_development_dependency "rake"
+  gem.add_development_dependency "rspec"
+end

data/spec/non_printable_sanitization_spec.rb

@@ -0,0 +1,50 @@
+require 'spec_helper'
+
+class Rack::MockRackApp
+  attr_reader :request_body
+
+  def initialize
+    @request_headers = {}
+  end
+
+  def call(env)
+    @env = env
+    @request_body = env['rack.input'].read
+    [200, {'Content-Type' => 'text/plain'}, ['OK']]
+  end
+
+  def [](key)
+    @env[key]
+  end
+end
+
+describe ::NonPrintableSanitization do
+  let(:app) { Rack::MockRackApp.new }
+  let(:start_app) { described_class.new(app) }
+
+  context "when called with a binary body POST request" do
+    let(:request) { Rack::MockRequest.new(start_app) }
+    before(:each) do
+      request.post("/some/path", :input => post_data, "CONTENT_TYPE" => content_type)
+    end
+
+    context "with text/plain content" do
+      let(:post_data) { "derp derp derp\0" }
+      let(:content_type) { "text/plain" }
+
+      it "sanitizes the non-printable \0" do
+        expect(app.request_body).to eq("derp derp derp")
+      end
+    end
+
+    context "with multipart/form-data content" do
+      let(:post_data) { "derp derp derp\0" }
+      let(:content_type) { "multipart/form-data" }
+
+      it "does not sanitize the non-printable \0" do
+        expect(app.request_body).to eq(post_data)
+      end
+    end
+  end
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,4 @@
+require 'rubygems'
+require 'bundler'
+
+::Bundler.require(:default, :development, :test)

metadata

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification
+name: non_printable_sanitization
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Brandon Dewitt
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-07-06 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: " Rack middleware that filters non-printable characters from input "
+email:
+- brandonsdewitt+nonprintablesanitization@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/non_printable_sanitization.rb
+- lib/non_printable_sanitization/version.rb
+- non_printable_sanitization.gemspec
+- spec/non_printable_sanitization_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Rack middleware that filters non-printable characters from input
+test_files:
+- spec/non_printable_sanitization_spec.rb
+- spec/spec_helper.rb