sensitive_data_filter 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 70cedcd682fd58e3d8682c603bc8326c36e7b8ec
-  data.tar.gz: aee8dcf45f48b651e85507a6d0e0b02fe8fbb071
+  metadata.gz: 0a727bd4717ff795773bc06f5c9095ac86fa6deb
+  data.tar.gz: af91b7050220d8899957e9f1014710d4a0bbc374
 SHA512:
-  metadata.gz: fc6618c4cdad98edb6899779d93b15a1cbfc5c8b650d2cce604f40b2c9178d24cf9000753ecf512ee82b99a17e580f8750cf3019ac6f0777532a417d32ffc8d9
-  data.tar.gz: 1f126f0eec67bc0c8bc74d7bb50e6121056a8113ce35454ba2fc7d1c36d6db74ede0736050515b96e53467d433844f6eef1a545554a01d58898fef0d117bf9eb
+  metadata.gz: 817f86816d181448c51edce12b6b43c4a341ed805e03523254c76cc7da8680af14fdfb7c3c5ef05b1ca0800337231af24c06699e6f1ebbf3070cf926eedf79d1
+  data.tar.gz: e8863e690284d3e479069bf9e0730448bf437c234d8e6e0ceb79e4f12e464f631e5468d596d158b810c28a408177c2ffde72cbcccd4c0785f779c28600bfd9d6

data/CHANGELOG.md

@@ -3,6 +3,13 @@ All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 This changelog adheres to [Keep a CHANGELOG](http://keepachangelog.com/).
 
+## [0.2.1] - 2016-12-19
+### Changed
+- Updates README for usage with Rails
+
+### Fixed
+- Handles JSON parsing exceptions gracefully
+
 ## [0.2.0] - 2016-12-13
 ### Added
 - Occurrence exposes content type

data/README.md

@@ -28,11 +28,13 @@ Or install it yourself as:
 
 ### Enable the middleware
 
+Insert the middleware in the stack before any parameter parsing is performed
+
 E.g. for Rails, add the following in application.rb
 
 ```ruby
 # --- Sensitive Data Filtering ---
-config.middleware.use SensitiveDataFilter::Middleware::Filter
+config.middleware.insert_before 'ActionDispatch::ParamsParser', SensitiveDataFilter::Middleware::Filter
 ```
 
 ### Configuration
@@ -97,7 +99,9 @@ The arguments for `config.register_parser` are:
 * a parser for the parameters
 * an unparser to convert parameters back to the encoded format
  
-The parser and unparser must be objects that respond to `call` and accept the parameters as an argument (e.g. procs or lambdas).
+The parser and unparser must be objects that respond to `call` and accept the parameters as an argument (e.g. procs or lambdas).  
+The parser should handle parsing exceptions gracefully by returning the arguments. 
+This ensures that sensitive data scanning and masking is applied on the raw parameters.
 
 ## Development
 

data/lib/sensitive_data_filter/middleware/parameter_parser.rb

@@ -40,9 +40,23 @@ module SensitiveDataFilter
             ->(params) { Rack::Utils.parse_query(params) },
             ->(params) { Rack::Utils.build_query(params) }),
         new('json', # e.g.: 'application/json'
-            ->(params) { JSON.parse(params) },
-            ->(params) { JSON.unparse(params) })
+            ->(params) { JsonParser.parse(params) },
+            ->(params) { JsonParser.unparse(params) })
       ].freeze
+
+      class JsonParser
+        def self.parse(params)
+          JSON.parse(params)
+        rescue JSON::ParserError
+          params
+        end
+
+        def self.unparse(params)
+          JSON.unparse(params)
+        rescue JSON::GeneratorError
+          params
+        end
+      end
     end
   end
 end

data/lib/sensitive_data_filter/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module SensitiveDataFilter
-  VERSION = '0.2.0'
+  VERSION = '0.2.1'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sensitive_data_filter
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Alessandro Berardi
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-12-13 00:00:00.000000000 Z
+date: 2016-12-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack