sentry-sanitizer 0.1.4 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +13 -1
- data/Rakefile +0 -3
- data/lib/sentry/sanitizer/cleaner.rb +43 -14
- data/lib/sentry/sanitizer/configuration.rb +30 -0
- data/lib/sentry/sanitizer/configuration_mixin.rb +0 -28
- data/lib/sentry/sanitizer/version.rb +1 -1
- data/sentry-sanitizer.gemspec +2 -0
- metadata +30 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: aa6e89bd5636947019b12574187eb515d000a6d93bd48c3895bf3bf24e7564ca
|
|
4
|
+
data.tar.gz: 9a69894f2ed6903496162584c1ccb920d0e5a6ab3f75dc333c6c12dead8fc031
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 54510f582c6e9434700ce3db8735566bd4ef1af3b2fd2caaaeb1cb016503d2a84a22ad39d3637ba34fbb95ad86274508c72badb56a4b458278ef7afbd64f52f2
|
|
7
|
+
data.tar.gz: fdd38c2cce91b32436522520d318f7c0c7f54f87777c1bcdfc80e77109ff43518807adf560aed42c99a8b4bf4cc2abdcd806a56f6a9328836e6b159da0ae5deb
|
data/Gemfile.lock
CHANGED
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
sentry-sanitizer (0.
|
|
4
|
+
sentry-sanitizer (0.2.0)
|
|
5
5
|
sentry-ruby (~> 4.2.0)
|
|
6
6
|
|
|
7
7
|
GEM
|
|
8
8
|
remote: https://rubygems.org/
|
|
9
9
|
specs:
|
|
10
|
+
byebug (11.1.3)
|
|
11
|
+
coderay (1.1.3)
|
|
10
12
|
concurrent-ruby (1.1.8)
|
|
11
13
|
diff-lcs (1.4.4)
|
|
12
14
|
faraday (1.3.0)
|
|
@@ -14,7 +16,15 @@ GEM
|
|
|
14
16
|
multipart-post (>= 1.2, < 3)
|
|
15
17
|
ruby2_keywords
|
|
16
18
|
faraday-net_http (1.0.1)
|
|
19
|
+
method_source (1.0.0)
|
|
17
20
|
multipart-post (2.1.1)
|
|
21
|
+
pry (0.13.1)
|
|
22
|
+
coderay (~> 1.1)
|
|
23
|
+
method_source (~> 1.0)
|
|
24
|
+
pry-byebug (3.9.0)
|
|
25
|
+
byebug (~> 11.0)
|
|
26
|
+
pry (~> 0.13.0)
|
|
27
|
+
rack (2.2.3)
|
|
18
28
|
rake (10.5.0)
|
|
19
29
|
rspec (3.10.0)
|
|
20
30
|
rspec-core (~> 3.10.0)
|
|
@@ -43,6 +53,8 @@ PLATFORMS
|
|
|
43
53
|
|
|
44
54
|
DEPENDENCIES
|
|
45
55
|
bundler (>= 1.17)
|
|
56
|
+
pry-byebug
|
|
57
|
+
rack
|
|
46
58
|
rake (~> 10.0)
|
|
47
59
|
rspec (~> 3.0)
|
|
48
60
|
sentry-sanitizer!
|
data/Rakefile
CHANGED
|
@@ -11,44 +11,73 @@ module Sentry
|
|
|
11
11
|
|
|
12
12
|
def initialize(config)
|
|
13
13
|
@fields = config.fields || []
|
|
14
|
-
@http_headers = config.http_headers ||
|
|
15
|
-
@
|
|
14
|
+
@http_headers = config.http_headers || false
|
|
15
|
+
@do_cookies = config.cookies || false
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def call(event)
|
|
19
19
|
if event.is_a?(Sentry::Event)
|
|
20
|
-
sanitize_request(event
|
|
21
|
-
event.extra = sanitize_data(event.extra)
|
|
20
|
+
sanitize_request(event, :object) if event.request
|
|
21
|
+
event.extra = sanitize_data(event.extra)
|
|
22
|
+
elsif event.is_a?(Hash)
|
|
23
|
+
sanitize_request(event, :stringified_hash) if event['request']
|
|
24
|
+
sanitize_request(event, :symbolized_hash) if event[:request]
|
|
25
|
+
event['extra'] = sanitize_data(event['extra']) if event['extra']
|
|
26
|
+
event[:extra] = sanitize_data(event[:extra]) if event[:extra]
|
|
22
27
|
end
|
|
23
28
|
end
|
|
24
29
|
|
|
25
|
-
def sanitize_request(
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
30
|
+
def sanitize_request(event, type)
|
|
31
|
+
case type
|
|
32
|
+
when :object
|
|
33
|
+
event.request.data = sanitize_data(event.request.data)
|
|
34
|
+
event.request.headers = sanitize_headers(event.request.headers)
|
|
35
|
+
event.request.cookies = sanitize_cookies(event.request.cookies)
|
|
36
|
+
when :stringified_hash
|
|
37
|
+
event['request']['data'] = sanitize_data(event['request']['data'])
|
|
38
|
+
event['request']['headers'] = sanitize_headers(event['request']['headers'])
|
|
39
|
+
event['request']['cookies'] = sanitize_cookies(event['request']['cookies'])
|
|
40
|
+
when :symbolized_hash
|
|
41
|
+
event[:request][:data] = sanitize_data(event[:request][:data])
|
|
42
|
+
event[:request][:headers] = sanitize_headers(event[:request][:headers])
|
|
43
|
+
event[:request][:cookies] = sanitize_cookies(event[:request][:cookies])
|
|
44
|
+
end
|
|
29
45
|
end
|
|
30
46
|
|
|
31
47
|
def sanitize_data(hash)
|
|
32
|
-
return unless hash.is_a? Hash
|
|
48
|
+
return hash unless hash.is_a? Hash
|
|
49
|
+
return hash unless fields.size.positive?
|
|
33
50
|
|
|
34
51
|
sanitize_value(hash, nil)
|
|
35
52
|
end
|
|
36
53
|
|
|
37
54
|
private
|
|
38
55
|
|
|
39
|
-
attr_reader :fields, :http_headers, :
|
|
56
|
+
attr_reader :fields, :http_headers, :do_cookies
|
|
40
57
|
|
|
41
58
|
# Sanitize specified headers
|
|
42
59
|
def sanitize_headers(headers)
|
|
43
|
-
headers
|
|
44
|
-
|
|
45
|
-
|
|
60
|
+
case headers
|
|
61
|
+
when TrueClass
|
|
62
|
+
headers.transform_values { DEFAULT_MASK }
|
|
63
|
+
when Hash
|
|
64
|
+
return headers unless http_headers.size.positive?
|
|
65
|
+
|
|
66
|
+
headers.keys.select { |key| key.match?(sensitive_headers) }.each do |key|
|
|
67
|
+
headers[key] = DEFAULT_MASK
|
|
68
|
+
end
|
|
46
69
|
|
|
47
|
-
|
|
70
|
+
headers
|
|
71
|
+
else
|
|
72
|
+
headers
|
|
73
|
+
end
|
|
48
74
|
end
|
|
49
75
|
|
|
50
76
|
# Sanitize all cookies
|
|
51
77
|
def sanitize_cookies(cookies)
|
|
78
|
+
return cookies unless cookies.is_a? Hash
|
|
79
|
+
return cookies unless do_cookies
|
|
80
|
+
|
|
52
81
|
cookies.transform_values { DEFAULT_MASK }
|
|
53
82
|
end
|
|
54
83
|
|
|
@@ -5,9 +5,15 @@ require 'sentry/sanitizer/configuration_mixin'
|
|
|
5
5
|
module Sentry
|
|
6
6
|
# Monkey-patching Sentry::Configuration
|
|
7
7
|
class Configuration
|
|
8
|
+
# Add sanitizing configuration
|
|
9
|
+
attr_reader :sanitize
|
|
10
|
+
|
|
11
|
+
# Patch before_send method so it could support more than one call
|
|
8
12
|
prepend Sentry::Sanitizer::ConfigurationMixin
|
|
9
13
|
|
|
10
14
|
add_post_initialization_callback do
|
|
15
|
+
@sanitize ||= Sentry::Sanitizer::Configuration.new
|
|
16
|
+
|
|
11
17
|
self.before_send = ->(event, hint) do
|
|
12
18
|
Sentry::Sanitizer::Cleaner.new(Sentry.configuration.sanitize).call(event)
|
|
13
19
|
|
|
@@ -23,6 +29,30 @@ module Sentry
|
|
|
23
29
|
def configured?
|
|
24
30
|
[fields, http_headers, cookies].any? { |setting| !setting.nil? }
|
|
25
31
|
end
|
|
32
|
+
|
|
33
|
+
def fields=(fields)
|
|
34
|
+
unless fields.is_a? Array
|
|
35
|
+
raise ArgumentError, 'sanitize_fields must be array'
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
@fields = fields
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def http_headers=(headers)
|
|
42
|
+
unless [Array, TrueClass, FalseClass].include?(headers.class)
|
|
43
|
+
raise ArgumentError, 'sanitize_http_headers must be array'
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
@http_headers = headers
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def cookies=(cookies)
|
|
50
|
+
unless [TrueClass, FalseClass].include?(cookies.class)
|
|
51
|
+
raise ArgumentError, 'sanitize_cookies must be boolean'
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
@cookies = cookies
|
|
55
|
+
end
|
|
26
56
|
end
|
|
27
57
|
end
|
|
28
58
|
end
|
|
@@ -20,34 +20,6 @@ module Sentry
|
|
|
20
20
|
event
|
|
21
21
|
}
|
|
22
22
|
end
|
|
23
|
-
|
|
24
|
-
def sanitize
|
|
25
|
-
@sanitize ||= Sentry::Sanitizer::Configuration.new
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def sanitize_fields=(fields)
|
|
29
|
-
unless fields.is_a? Array
|
|
30
|
-
raise ArgumentError, 'sanitize_fields must be array'
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
sanitize.fields = fields
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
def sanitize_http_headers=(headers)
|
|
37
|
-
unless headers.is_a? Array
|
|
38
|
-
raise ArgumentError, 'sanitize_http_headers must be array'
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
sanitize.http_headers = headers
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
def sanitize_cookies=(cookies)
|
|
45
|
-
unless [TrueClass, FalseClass].include?(cookies.class)
|
|
46
|
-
raise ArgumentError, 'sanitize_cookies must be boolean'
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
sanitize.cookies = cookies
|
|
50
|
-
end
|
|
51
23
|
end
|
|
52
24
|
end
|
|
53
25
|
end
|
data/sentry-sanitizer.gemspec
CHANGED
|
@@ -30,6 +30,8 @@ Gem::Specification.new do |spec|
|
|
|
30
30
|
spec.add_development_dependency 'bundler', '>= 1.17'
|
|
31
31
|
spec.add_development_dependency 'rake', '~> 10.0'
|
|
32
32
|
spec.add_development_dependency 'rspec', '~> 3.0'
|
|
33
|
+
spec.add_development_dependency 'rack'
|
|
34
|
+
spec.add_development_dependency 'pry-byebug'
|
|
33
35
|
|
|
34
36
|
spec.add_runtime_dependency 'sentry-ruby', '~> 4.2.0'
|
|
35
37
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sentry-sanitizer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Valentine Kiselev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-02-
|
|
11
|
+
date: 2021-02-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -52,6 +52,34 @@ dependencies:
|
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
54
|
version: '3.0'
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: rack
|
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
|
58
|
+
requirements:
|
|
59
|
+
- - ">="
|
|
60
|
+
- !ruby/object:Gem::Version
|
|
61
|
+
version: '0'
|
|
62
|
+
type: :development
|
|
63
|
+
prerelease: false
|
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
+
requirements:
|
|
66
|
+
- - ">="
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: '0'
|
|
69
|
+
- !ruby/object:Gem::Dependency
|
|
70
|
+
name: pry-byebug
|
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
|
72
|
+
requirements:
|
|
73
|
+
- - ">="
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
version: '0'
|
|
76
|
+
type: :development
|
|
77
|
+
prerelease: false
|
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - ">="
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '0'
|
|
55
83
|
- !ruby/object:Gem::Dependency
|
|
56
84
|
name: sentry-ruby
|
|
57
85
|
requirement: !ruby/object:Gem::Requirement
|