non_printable_sanitization 0.0.1 → 0.0.2

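--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 5b7a8ede4f20506b182ffd0ea4e644696b3d0af2
- data.tar.gz: ad10a975b8373a270120f0e4fbf4028ef0b7d1ea
+ metadata.gz: d65ef0806319671ff574e1b01b23482d4b061f2b
+ data.tar.gz: f80f508f1c7ce55c0e2bc37d7c9d6d8a0afddaf2
  SHA512:
- metadata.gz: b82f3b091d69cac60f1076dbead447e4f914b4417500e87ef6b3ada62f844ab2226efc3aaf7383b4a1d1a372210c522252d9441a2fcaad8ad3f1929617c19d6a
- data.tar.gz: 951ae6790bd61be9992980e59c96391b8fe730850ffca7da152db197aa1c26912ef7802a41a5e1c65948450e36f156cfe35f22818573d14b0e1a842908486c28
+ metadata.gz: 036832a873f736556e32b1897eff765e91ef5f2556b72683d56c3f75e73e4da39dc36615c279f59d045d534e91291436bec17d6402132bebbd2c18fd237dbcee
+ data.tar.gz: 5d824e55c4319e99a120cb3cf76f80b0adf094772dde7811e8e3d67b58950a3fc8f9fb07526909c08c2da8e5320745a55ccf63638499527a0e408e2395cd7240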
@@ -1,6 +1,7 @@
1
1
  require 'rack'
2
2
  require 'rack/request'
3
3
  require 'stringio'
4
+ require 'uri'
4
5
  require "non_printable_sanitization/version"
5
6
 
6
7
  class NonPrintableSanitization
@@ -25,11 +26,19 @@ class NonPrintableSanitization
25
26
 
26
27
  private
27
28
 
29
+ def is_url_encoded?(env)
30
+ content_type = env["CONTENT_TYPE"] || "none"
31
+ content_type.downcase.include?("urlencoded")
32
+ end
33
+
28
34
  def remove_non_printable_characters!(env)
29
35
  input = env["rack.input"].read
30
36
 
31
37
  if input && input.size > 0
38
+ url_encoded = is_url_encoded?(env)
39
+ input = ::URI.decode(input) if url_encoded
32
40
  input.gsub!(/[^[:print:]]/, "")
41
+ input = ::URI.encode(input) if url_encoded
33
42
  env["rack.input"] = StringIO.new(input)
34
43
  end
35
44
  ensure
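Review bot: Decoding the whole body with `::URI.decode` and re-encoding it with `::URI.encode` in `remove_non_printable_characters!` is not a round trip. `URI.encode` leaves reserved characters such as `&`, `=` and `+` unescaped, so an escaped `%26`, `%3D` or `%2B` inside a value comes back as a literal separator (or a space) and the application parses different parameters than the client sent and than any upstream filter inspected. Sanitizing each key and value on its own keeps the structure intact: split on `&` and `=` first, then wrap the `gsub` per component in `::URI.decode_www_form_component` / `::URI.encode_www_form_component`. `URI.decode` and `URI.encode` are also obsolete and were removed in Ruby 3.0, so this branch would raise `NoMethodError` there. The method's `ensure` clause lies outside the hunk, so it is not visible here whether `CONTENT_LENGTH` is corrected once the body shrinks.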
@@ -1,3 +1,3 @@
1
1
  class NonPrintableSanitization
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.2"
3
3
  end
@@ -37,6 +37,15 @@ describe ::NonPrintableSanitization do
37
37
  end
38
38
  end
39
39
 
40
+ context "with URL encoded content" do
41
+ let(:post_data) { "derp%20derp%20derp%00" }
42
+ let(:content_type) { "application/x-www-form-urlencoded" }
43
+
44
+ it "sanitizes the non-printable \0" do
45
+ expect(app.request_body).to eq("derp%20derp%20derp")
46
+ end
47
+ end
48
+
40
49
  context "with multipart/form-data content" do
41
50
  let(:post_data) { "derp derp derp\0" }
42
51
  let(:content_type) { "multipart/form-data" }
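Review bot: The new `with URL encoded content` context only covers a trailing `%00`, so nothing pins that escaped reserved characters survive the decode/re-encode step unchanged. I would add a case such as `let(:post_data) { "a=1%262&b=%2B" }` (a constructed sample) that expects the body back byte-for-byte. A second case with `let(:content_type) { "application/x-www-form-urlencoded; charset=UTF-8" }` would exercise the substring match in `is_url_encoded?`.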
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: non_printable_sanitization
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brandon Dewitt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-07-06 00:00:00.000000000 Z
11
+ date: 2014-07-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack