rollbar 0.9.9 → 0.9.10

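--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,9 @@
  # Change Log
 
+ **0.9.10**
+ - Add :secret_token to default scrub_fields list
+ - Session params are now scrubbed
+
  **0.9.9**
  - Fix capistrano recipe on 1.9.2 ([#36](https://github.com/rollbar/rollbar-gem/pull/36))
  - Add example of disable "test" env to initializer template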
@@ -47,7 +47,7 @@ module Rollbar
47
47
  @person_email_method = 'email'
48
48
  @project_gems = []
49
49
  @scrub_fields = [:passwd, :password, :password_confirmation, :secret,
50
- :confirm_password, :password_confirmation]
50
+ :confirm_password, :password_confirmation, :secret_token]
51
51
  @use_async = false
52
52
  @use_eventmachine = false
53
53
  @web_base = DEFAULT_WEB_BASE
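Review bot: `:password_confirmation` now appears twice in the default `@scrub_fields` array, once on the first line and again beside the new `:secret_token`; the second line can simply read `:confirm_password, :secret_token]`. The filter shown elsewhere in this release matches keys by exact symbol (`sensitive_params.include?(key.to_sym)`), so adding `:secret_token` does not cover similarly named keys such as `secret_key_base` or `api_key`. A short comment above the list, stating that matching is exact and that applications must add their own sensitive field names, would make that limit visible to users. The enclosing method starts and ends outside the hunk.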
@@ -16,6 +16,7 @@ module Rollbar
16
16
  cookies = rollbar_filtered_params(sensitive_params, rollbar_request_cookies(env))
17
17
  get_params = rollbar_filtered_params(sensitive_params, rollbar_get_params(env))
18
18
  post_params = rollbar_filtered_params(sensitive_params, rollbar_post_params(env))
19
+ session = rollbar_filtered_params(sensitive_params, env['rack.session.options'])
19
20
 
20
21
  {
21
22
  :params => get_params.merge(post_params).merge(request_params),
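Review bot: The new `session` line filters `env['rack.session.options']`, which by its key name is the session middleware's option hash rather than the session contents, and the filter masks only keys that exactly match an entry in `sensitive_params`. Depending on the Rack session store, that hash can carry the session identifier under `:id`, which is not in the default scrub list shown in this release, so it would still be sent with each report. Consider masking it at this call site only, for example `session = rollbar_filtered_params(Array(sensitive_params) + [:id], env['rack.session.options'])`, rather than adding `:id` to the global list. The same value is what the next hunk places under `:session`, and the enclosing method starts above this hunk.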
@@ -25,7 +26,7 @@ module Rollbar
25
26
  :GET => get_params,
26
27
  :POST => post_params,
27
28
  :cookies => cookies,
28
- :session => env['rack.session.options'],
29
+ :session => session,
29
30
  :method => rollbar_request_method(env)
30
31
  }
31
32
  end
@@ -90,21 +91,25 @@ module Rollbar
90
91
  end
91
92
 
92
93
  def rollbar_filtered_params(sensitive_params, params)
93
- params.inject({}) do |result, (key, value)|
94
- if sensitive_params.include?(key.to_sym)
95
- result[key] = '*' * (value.length rescue 8)
96
- elsif value.is_a?(Hash)
97
- result[key] = rollbar_filtered_params(sensitive_params, value)
98
- elsif ATTACHMENT_CLASSES.include?(value.class.name)
99
- result[key] = {
100
- :content_type => value.content_type,
101
- :original_filename => value.original_filename,
102
- :size => value.tempfile.size
103
- } rescue 'Uploaded file'
104
- else
105
- result[key] = value
94
+ if params.nil?
95
+ {}
96
+ else
97
+ params.inject({}) do |result, (key, value)|
98
+ if sensitive_params.include?(key.to_sym)
99
+ result[key] = '*' * (value.length rescue 8)
100
+ elsif value.is_a?(Hash)
101
+ result[key] = rollbar_filtered_params(sensitive_params, value)
102
+ elsif ATTACHMENT_CLASSES.include?(value.class.name)
103
+ result[key] = {
104
+ :content_type => value.content_type,
105
+ :original_filename => value.original_filename,
106
+ :size => value.tempfile.size
107
+ } rescue 'Uploaded file'
108
+ else
109
+ result[key] = value
110
+ end
111
+ result
106
112
  end
107
- result
108
113
  end
109
114
  end
110
115
 
@@ -1,3 +1,3 @@
1
1
  module Rollbar
2
- VERSION = "0.9.9"
2
+ VERSION = "0.9.10"
3
3
  end
@@ -91,10 +91,11 @@ describe HomeController do
91
91
 
92
92
  it "should scrub the default scrub_fields" do
93
93
  params = {
94
- :passwd => "hidden",
95
- :password => "hidden",
96
- :secret => "hidden",
97
- :notpass => "visible"
94
+ :passwd => "hidden",
95
+ :password => "hidden",
96
+ :secret => "hidden",
97
+ :notpass => "visible",
98
+ :secret_token => "f6805fea1cae0fb79c5e63bbdcd12bc6",
98
99
  }
99
100
 
100
101
  filtered = controller.send(:rollbar_filtered_params, Rollbar.configuration.scrub_fields, params)
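Review bot: The new `:secret_token` case exercises only a flat hash, so the two behaviours this release adds to `rollbar_filtered_params` (returning `{}` for `nil` input and scrubbing the session hash) have no example here. Add one next to this example, such as `controller.send(:rollbar_filtered_params, Rollbar.configuration.scrub_fields, nil).should == {}`. The matching assertion in the next hunk, `filtered[:secret_token].should == "*" * 32`, also pins that the mask is as long as the secret, which discloses the secret's length in reports; if that is intended, a comment on the example saying so would help. The `it` block ends outside this hunk.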
@@ -103,6 +104,7 @@ describe HomeController do
103
104
  filtered[:password].should == "******"
104
105
  filtered[:secret].should == "******"
105
106
  filtered[:notpass].should == "visible"
107
+ filtered[:secret_token].should == "*" * 32
106
108
  end
107
109
 
108
110
  it "should scrub custom scrub_fields" do
@@ -18,6 +18,8 @@ describe HomeController do
18
18
  it "should report uncaught exceptions" do
19
19
  expect{ get 'current_user', nil, :cookie => '8%B' }.to raise_exception
20
20
 
21
+ Rollbar.last_report.should_not be_nil
22
+
21
23
  exception_info = Rollbar.last_report[:body][:trace][:exception]
22
24
  exception_info[:class].should == 'ArgumentError'
23
25
  exception_info[:message].should == 'invalid %-encoding (8%B)'
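--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: rollbar
  version: !ruby/object:Gem::Version
- version: 0.9.9
+ version: 0.9.10
  prerelease:
  platform: ruby
  authors:
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2013-04-17 00:00:00.000000000 Z
+ date: 2013-04-25 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: multi_json
@@ -300,3 +300,4 @@ test_files:
  - spec/rollbar_spec.rb
  - spec/spec_helper.rb
  - spec/support/devise.rb
+ has_rdoc: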