prevoty-rails 0.6.1 → 0.6.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fae2d6e01221c36ff45ba152eede2c64b5f4f4b7
|
4
|
+
data.tar.gz: be8752aae18c0174af54b8250d81d6c655eb314d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b5112c11f4b68d9954f638341d701bbfb824f758ff75b2d4e59500c4966c02f2cebd83c9d1b957f34fceebba36e9c1bd0d1f499c363ec5848ad1e5ea9ad19821
|
7
|
+
data.tar.gz: 3267c43c2df47e6b90945766e58763deefe38c69526f0938f27c5aff30d9a274db63c55e6dd5cfadda688628f61644fedc3e824a23fb9bb827d1e646a377bb05
|
@@ -49,7 +49,7 @@ query_handler = ->(name, start, finish, id, payload) do
|
|
49
49
|
if res.processed and not res.compliant
|
50
50
|
case options[:log_destination]
|
51
51
|
when 'log'
|
52
|
-
::Prevoty::LOGGER << build_result(options[:mode], payload[:sql], res).to_json
|
52
|
+
::Prevoty::LOGGER << build_result(options[:mode], payload[:sql], res).to_json + "\n"
|
53
53
|
when 'callback'
|
54
54
|
options[:after_callback].call(build_result(options[:mode], payload[:sql], res).to_json) if options[:after_callback].respond_to? :call
|
55
55
|
end
|
@@ -57,7 +57,7 @@ query_handler = ->(name, start, finish, id, payload) do
|
|
57
57
|
elsif res.processed and res.compliant
|
58
58
|
case options[:log_destination]
|
59
59
|
when 'log'
|
60
|
-
::Prevoty::LOGGER << build_result(options[:mode], payload[:sql], res).to_json
|
60
|
+
::Prevoty::LOGGER << build_result(options[:mode], payload[:sql], res).to_json + "\n"
|
61
61
|
when 'callback'
|
62
62
|
options[:after_callback].call(build_result(options[:mode], payload[:sql], res).to_json) if options[:after_callback].respond_to? :call
|
63
63
|
end
|
@@ -14,7 +14,7 @@ module Prevoty
|
|
14
14
|
res.each_with_index do |r, i|
|
15
15
|
case @log_destination
|
16
16
|
when 'log'
|
17
|
-
::Prevoty::LOGGER << ::Rack::Prevoty::Interceptor.build_result(cloned[i][:mode], cloned[i][:request], cloned[i][:input], r).to_json if r.javascript_attributes > 0 || r.javascript_protocols > 0 || r.javascript_tags > 0
|
17
|
+
::Prevoty::LOGGER << ::Rack::Prevoty::Interceptor.build_result(cloned[i][:mode], cloned[i][:request], cloned[i][:input], r).to_json + "\n" if r.javascript_attributes > 0 || r.javascript_protocols > 0 || r.javascript_tags > 0
|
18
18
|
when 'callback'
|
19
19
|
@callback.call(::Rack::Prevoty::Interceptor.build_result(cloned[i][:mode], cloned[i][:request], cloned[i][:input], r).to_json) if !@callback.nil? && (r.javascript_attributes > 0 || r.javascript_protocols > 0 || r.javascript_tags > 0)
|
20
20
|
end
|
@@ -17,7 +17,7 @@ module Prevoty
|
|
17
17
|
res.each_with_index do |r, i|
|
18
18
|
case @log_destination
|
19
19
|
when 'log'
|
20
|
-
Prevoty::LOGGER << build_result('monitor', cloned[i][:query], r).to_json if r.processed
|
20
|
+
Prevoty::LOGGER << build_result('monitor', cloned[i][:query], r).to_json + "\n" if r.processed
|
21
21
|
when 'callback'
|
22
22
|
@after_callback.call(build_result('monitor', cloned[i][:query], r).to_json) if @after_callback.respond_to?(:call) && r.processed
|
23
23
|
end
|
@@ -21,14 +21,14 @@ module Rack
|
|
21
21
|
case req.request_method
|
22
22
|
when "GET", "DELETE"
|
23
23
|
unless env['QUERY_STRING'] === ''
|
24
|
-
querystring =
|
24
|
+
querystring = env['QUERY_STRING']
|
25
25
|
begin
|
26
26
|
Timeout::timeout(@timeout) do
|
27
27
|
resp = @client.bulk_filter(querystring, @configuration_key)
|
28
|
-
env['QUERY_STRING'] =
|
28
|
+
env['QUERY_STRING'] = resp.output
|
29
29
|
case @log_destination
|
30
30
|
when 'log'
|
31
|
-
::Prevoty::LOGGER << self.class.build_result(@mode, req, querystring, resp).to_json if resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0
|
31
|
+
::Prevoty::LOGGER << self.class.build_result(@mode, req, querystring, resp).to_json + "\n" if resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0
|
32
32
|
when 'callback'
|
33
33
|
@callback.call(self.class.build_result(@mode, req, querystring, resp).to_json) if !@callback.nil? && (resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0)
|
34
34
|
end
|
@@ -42,9 +42,10 @@ module Rack
|
|
42
42
|
if req.media_type === 'multipart/form-data'
|
43
43
|
# TODO: implement support for multipart. The Rack multipart
|
44
44
|
# implementation doesn't support parsing and re-creating the
|
45
|
-
#
|
45
|
+
# multipart data so a custom implementation needs to be written
|
46
46
|
else
|
47
|
-
|
47
|
+
# First, clean the request body
|
48
|
+
body = req.body.read.encode('utf-8')
|
48
49
|
unless body === ''
|
49
50
|
begin
|
50
51
|
Timeout::timeout(@timeout) do
|
@@ -52,7 +53,7 @@ module Rack
|
|
52
53
|
env['rack.input'] = StringIO.new(resp.output)
|
53
54
|
case @log_destination
|
54
55
|
when 'log'
|
55
|
-
::Prevoty::LOGGER << self.class.build_result(@mode, req, body, resp).to_json if resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0
|
56
|
+
::Prevoty::LOGGER << self.class.build_result(@mode, req, body, resp).to_json + "\n" if resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0
|
56
57
|
when 'callback'
|
57
58
|
@callback.call(self.class.build_result(@mode, req, body, resp).to_json) if !@callback.nil? && (resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0)
|
58
59
|
end
|
@@ -64,16 +65,16 @@ module Rack
|
|
64
65
|
end
|
65
66
|
end
|
66
67
|
|
67
|
-
# clean any
|
68
|
+
# Second, clean any data passed in the query string
|
68
69
|
unless env['QUERY_STRING'] === ''
|
69
|
-
querystring =
|
70
|
+
querystring = env['QUERY_STRING']
|
70
71
|
begin
|
71
72
|
Timeout::timeout(@timeout) do
|
72
73
|
resp = @client.bulk_filter(querystring, @configuration_key)
|
73
|
-
env['QUERY_STRING'] =
|
74
|
+
env['QUERY_STRING'] = resp.output
|
74
75
|
case @log_destination
|
75
76
|
when 'log'
|
76
|
-
::Prevoty::LOGGER << self.class.build_result(@mode, req, querystring, resp).to_json if resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0
|
77
|
+
::Prevoty::LOGGER << self.class.build_result(@mode, req, querystring, resp).to_json + "\n" if resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0
|
77
78
|
when 'callback'
|
78
79
|
@callback.call(self.class.build_result(@mode, req, querystring, resp).to_json) if !@callback.nil? && (resp.statistics.javascript_attributes > 0 || resp.statistics.javascript_protocols > 0 || resp.statistics.javascript_tags > 0)
|
79
80
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: prevoty-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Joe Rozner
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-08-
|
11
|
+
date: 2016-08-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: prevoty
|