rollbar 0.9.9 → 0.9.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/CHANGELOG.md +4 -0
  2. data/lib/rollbar/configuration.rb +1 -1
  3. data/lib/rollbar/request_data_extractor.rb +20 -15
  4. data/lib/rollbar/version.rb +1 -1
  5. data/spec/controllers/home_controller_spec.rb +6 -4
  6. data/spec/requests/home_spec.rb +2 -0
  7. metadata +3 -2
data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Change Log
2
2
 
3
+ **0.9.10**
4
+ - Add :secret_token to default scrub_fields list
5
+ - Session params are now scrubbed
6
+
3
7
  **0.9.9**
4
8
  - Fix capistrano recipe on 1.9.2 ([#36](https://github.com/rollbar/rollbar-gem/pull/36))
5
9
  - Add example of disable "test" env to initializer template
data/lib/rollbar/configuration.rb CHANGED
@@ -47,7 +47,7 @@ module Rollbar
47
47
  @person_email_method = 'email'
48
48
  @project_gems = []
49
49
  @scrub_fields = [:passwd, :password, :password_confirmation, :secret,
50
- :confirm_password, :password_confirmation]
50
+ :confirm_password, :password_confirmation, :secret_token]
51
51
  @use_async = false
52
52
  @use_eventmachine = false
53
53
  @web_base = DEFAULT_WEB_BASE
data/lib/rollbar/request_data_extractor.rb CHANGED
@@ -16,6 +16,7 @@ module Rollbar
16
16
  cookies = rollbar_filtered_params(sensitive_params, rollbar_request_cookies(env))
17
17
  get_params = rollbar_filtered_params(sensitive_params, rollbar_get_params(env))
18
18
  post_params = rollbar_filtered_params(sensitive_params, rollbar_post_params(env))
19
+ session = rollbar_filtered_params(sensitive_params, env['rack.session.options'])
19
20
 
20
21
  {
21
22
  :params => get_params.merge(post_params).merge(request_params),
@@ -25,7 +26,7 @@ module Rollbar
25
26
  :GET => get_params,
26
27
  :POST => post_params,
27
28
  :cookies => cookies,
28
- :session => env['rack.session.options'],
29
+ :session => session,
29
30
  :method => rollbar_request_method(env)
30
31
  }
31
32
  end
@@ -90,21 +91,25 @@ module Rollbar
90
91
  end
91
92
 
92
93
  def rollbar_filtered_params(sensitive_params, params)
93
- params.inject({}) do |result, (key, value)|
94
- if sensitive_params.include?(key.to_sym)
95
- result[key] = '*' * (value.length rescue 8)
96
- elsif value.is_a?(Hash)
97
- result[key] = rollbar_filtered_params(sensitive_params, value)
98
- elsif ATTACHMENT_CLASSES.include?(value.class.name)
99
- result[key] = {
100
- :content_type => value.content_type,
101
- :original_filename => value.original_filename,
102
- :size => value.tempfile.size
103
- } rescue 'Uploaded file'
104
- else
105
- result[key] = value
94
+ if params.nil?
95
+ {}
96
+ else
97
+ params.inject({}) do |result, (key, value)|
98
+ if sensitive_params.include?(key.to_sym)
99
+ result[key] = '*' * (value.length rescue 8)
100
+ elsif value.is_a?(Hash)
101
+ result[key] = rollbar_filtered_params(sensitive_params, value)
102
+ elsif ATTACHMENT_CLASSES.include?(value.class.name)
103
+ result[key] = {
104
+ :content_type => value.content_type,
105
+ :original_filename => value.original_filename,
106
+ :size => value.tempfile.size
107
+ } rescue 'Uploaded file'
108
+ else
109
+ result[key] = value
110
+ end
111
+ result
106
112
  end
107
- result
108
113
  end
109
114
  end
110
115
 
data/lib/rollbar/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Rollbar
2
- VERSION = "0.9.9"
2
+ VERSION = "0.9.10"
3
3
  end
data/spec/controllers/home_controller_spec.rb CHANGED
@@ -91,10 +91,11 @@ describe HomeController do
91
91
 
92
92
  it "should scrub the default scrub_fields" do
93
93
  params = {
94
- :passwd => "hidden",
95
- :password => "hidden",
96
- :secret => "hidden",
97
- :notpass => "visible"
94
+ :passwd => "hidden",
95
+ :password => "hidden",
96
+ :secret => "hidden",
97
+ :notpass => "visible",
98
+ :secret_token => "f6805fea1cae0fb79c5e63bbdcd12bc6",
98
99
  }
99
100
 
100
101
  filtered = controller.send(:rollbar_filtered_params, Rollbar.configuration.scrub_fields, params)
@@ -103,6 +104,7 @@ describe HomeController do
103
104
  filtered[:password].should == "******"
104
105
  filtered[:secret].should == "******"
105
106
  filtered[:notpass].should == "visible"
107
+ filtered[:secret_token].should == "*" * 32
106
108
  end
107
109
 
108
110
  it "should scrub custom scrub_fields" do
data/spec/requests/home_spec.rb CHANGED
@@ -18,6 +18,8 @@ describe HomeController do
18
18
  it "should report uncaught exceptions" do
19
19
  expect{ get 'current_user', nil, :cookie => '8%B' }.to raise_exception
20
20
 
21
+ Rollbar.last_report.should_not be_nil
22
+
21
23
  exception_info = Rollbar.last_report[:body][:trace][:exception]
22
24
  exception_info[:class].should == 'ArgumentError'
23
25
  exception_info[:message].should == 'invalid %-encoding (8%B)'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rollbar
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.9
4
+ version: 0.9.10
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-04-17 00:00:00.000000000 Z
12
+ date: 2013-04-25 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: multi_json
@@ -300,3 +300,4 @@ test_files:
300
300
  - spec/rollbar_spec.rb
301
301
  - spec/spec_helper.rb
302
302
  - spec/support/devise.rb
303
+ has_rdoc: