sentry-sanitizer 0.6.0 → 0.6.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f83f2a0c9bb759f6f43b1b25f3219e403123d8bdade87f5aa8f6838269e432e7
4
- data.tar.gz: 9230c77fb3a9a178d457068e2ca03f5e8491f0778ff1cb8d76e8c2a612b6c409
3
+ metadata.gz: 28b8d09f046de5bcc8a49a8d45bb6085fcd8cc7a75b45c124d3852ed10d0d6a8
4
+ data.tar.gz: 81ca424f2d0621de3145ce51e33b832eae035b0a47b3d1e34ef12405e9635682
5
5
  SHA512:
6
- metadata.gz: b7ec44c8b25b101d9fb01ec0472e1e6338db2c9d5385599f91341c911c9754951005d574d86a868fb13a4120c2a517e91d2334e2b9e93e4253adff9d0d77babf
7
- data.tar.gz: 52e91220a7cc128f9c02e20889187cf2c2fe23bd7061b2e01e359f12b9da175fdc2a8218891676513b8ccc280da4afc0c3bf39e95dfabfecfaf1416b422fea67
6
+ metadata.gz: 7d0071d14501f30602faf1a8f9cbd66616a5f8f466f452e0e6d2f7c60c6fc5728b8bfcf9a29fb114945096b90b1b8d62fe44c4379372f724884c9e8820f6b2ff
7
+ data.tar.gz: 7bc07680b68c911b4ac150a3aeb7896ed7494700d74f9d5f6da2a2476e682d5fad35609e517c1aee3097f2f9994a2f54600966c201bcc0263475de964f41ccb7
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- sentry-sanitizer (0.6.0)
4
+ sentry-sanitizer (0.6.1)
5
5
  sentry-ruby (~> 5.3)
6
6
 
7
7
  GEM
data/README.md CHANGED
@@ -56,6 +56,9 @@ Sentry.init do |config|
56
56
  # You can sanitize all cookies with this setting
57
57
  config.sanitize.cookies = true
58
58
 
59
+ # You can sanitize query string params for GET requests
60
+ config.sanitize.query_string = true
61
+
59
62
  # ...
60
63
  end
61
64
  ```
@@ -14,37 +14,38 @@ module Sentry
14
14
  @http_headers = config.http_headers || DEFAULT_SENSITIVE_HEADERS
15
15
  @do_cookies = config.cookies || false
16
16
  @do_query_string = config.query_string || false
17
+ @mask = config.mask || DEFAULT_MASK
17
18
  end
18
19
 
19
20
  def call(event)
20
21
  if event.is_a?(Sentry::Event)
21
- sanitize_request(event, :object) if event.request
22
- event.extra = sanitize_data(event.extra)
22
+ sanitize(event, :object) if event.request
23
23
  elsif event.is_a?(Hash)
24
- sanitize_request(event, :stringified_hash) if event['request']
25
- sanitize_request(event, :symbolized_hash) if event[:request]
26
- event['extra'] = sanitize_data(event['extra']) if event['extra']
27
- event[:extra] = sanitize_data(event[:extra]) if event[:extra]
24
+ sanitize(event, :stringified_hash) if event['request']
25
+ sanitize(event, :symbolized_hash) if event[:request]
28
26
  end
29
27
  end
30
28
 
31
- def sanitize_request(event, type)
29
+ def sanitize(event, type)
32
30
  case type
33
31
  when :object
34
32
  event.request.data = sanitize_data(event.request.data)
35
33
  event.request.headers = sanitize_headers(event.request.headers)
36
34
  event.request.cookies = sanitize_cookies(event.request.cookies)
37
35
  event.request.query_string = sanitize_query_string(event.request.query_string)
36
+ event.extra = sanitize_data(event.extra)
38
37
  when :stringified_hash
39
38
  event['request']['data'] = sanitize_data(event['request']['data'])
40
39
  event['request']['headers'] = sanitize_headers(event['request']['headers'])
41
40
  event['request']['cookies'] = sanitize_cookies(event['request']['cookies'])
42
41
  event['request']['query_string'] = sanitize_query_string(event['request']['query_string'])
42
+ event['extra'] = sanitize_data(event['extra'])
43
43
  when :symbolized_hash
44
44
  event[:request][:data] = sanitize_data(event[:request][:data])
45
45
  event[:request][:headers] = sanitize_headers(event[:request][:headers])
46
46
  event[:request][:cookies] = sanitize_cookies(event[:request][:cookies])
47
47
  event[:request][:query_string] = sanitize_query_string(event[:request][:query_string])
48
+ event[:extra] = sanitize_data(event[:extra])
48
49
  end
49
50
  end
50
51
 
@@ -57,19 +58,23 @@ module Sentry
57
58
 
58
59
  private
59
60
 
60
- attr_reader :fields, :http_headers, :do_cookies, :do_query_string
61
+ attr_reader :fields,
62
+ :http_headers,
63
+ :do_cookies,
64
+ :do_query_string,
65
+ :mask
61
66
 
62
67
  # Sanitize specified headers
63
68
  def sanitize_headers(headers)
64
69
  case http_headers
65
70
  when TrueClass
66
- headers.transform_values { DEFAULT_MASK }
71
+ headers.transform_values { mask }
67
72
  when Array
68
73
  return headers unless http_headers.size.positive?
69
74
  http_headers_regex = sensitive_regexp(http_headers)
70
75
 
71
76
  headers.keys.select { |key| key.match?(http_headers_regex) }.each do |key|
72
- headers[key] = DEFAULT_MASK
77
+ headers[key] = mask
73
78
  end
74
79
 
75
80
  headers
@@ -83,7 +88,7 @@ module Sentry
83
88
  return cookies unless do_cookies
84
89
  return cookies unless cookies.is_a? Hash
85
90
 
86
- cookies.transform_values { DEFAULT_MASK }
91
+ cookies.transform_values { mask }
87
92
  end
88
93
 
89
94
  def sanitize_query_string(query_string)
@@ -115,7 +120,7 @@ module Sentry
115
120
 
116
121
  def sanitize_hash(key, value)
117
122
  if key&.match?(sensitive_fields)
118
- DEFAULT_MASK
123
+ mask
119
124
  elsif value.frozen?
120
125
  value.merge(value) { |k, v| sanitize_value(v, k) }
121
126
  else
@@ -132,7 +137,7 @@ module Sentry
132
137
  end
133
138
 
134
139
  def sanitize_string(key, value)
135
- key&.match?(sensitive_fields) ? DEFAULT_MASK : value
140
+ key&.match?(sensitive_fields) ? mask : value
136
141
  end
137
142
 
138
143
  def sensitive_fields
@@ -24,10 +24,19 @@ module Sentry
24
24
 
25
25
  module Sanitizer
26
26
  class Configuration
27
- attr_accessor :fields, :http_headers, :cookies, :query_string
27
+ attr_accessor :fields,
28
+ :http_headers,
29
+ :cookies,
30
+ :query_string,
31
+ :mask
28
32
 
29
33
  def configured?
30
- [fields, http_headers, cookies, query_string].any? { |setting| !setting.nil? }
34
+ [
35
+ fields,
36
+ http_headers,
37
+ cookies,
38
+ query_string
39
+ ].any? { |setting| !setting.nil? }
31
40
  end
32
41
 
33
42
  def fields=(fields)
@@ -61,6 +70,14 @@ module Sentry
61
70
 
62
71
  @query_string = query_string
63
72
  end
73
+
74
+ def mask=(mask)
75
+ unless mask.is_a?(String)
76
+ raise ArgumentError, 'mask must be string'
77
+ end
78
+
79
+ @mask = mask
80
+ end
64
81
  end
65
82
  end
66
83
  end
@@ -2,12 +2,15 @@ module Sentry
2
2
  module Sanitizer
3
3
  module ConfigurationMixin
4
4
  # Allow adding multiple hooks for this extension
5
+ #
6
+ # @param [nil, false, #call] value
7
+ #
5
8
  def before_send=(value)
6
- unless value == nil || value.respond_to?(:call)
9
+ unless value == nil || value == false || value.respond_to?(:call)
7
10
  raise ArgumentError, "before_send must be callable (or false to disable)"
8
11
  end
9
12
 
10
- return if value == nil
13
+ return unless value
11
14
 
12
15
  @before_send_hook_list ||= []
13
16
  @before_send_hook_list << value
@@ -1,5 +1,5 @@
1
1
  module Sentry
2
2
  module Sanitizer
3
- VERSION = '0.6.0'
3
+ VERSION = '0.6.1'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sentry-sanitizer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.0
4
+ version: 0.6.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Valentine Kiselev
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-09-19 00:00:00.000000000 Z
11
+ date: 2022-11-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: codecov
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
156
156
  - !ruby/object:Gem::Version
157
157
  version: '0'
158
158
  requirements: []
159
- rubygems_version: 3.2.3
159
+ rubygems_version: 3.2.32
160
160
  signing_key:
161
161
  specification_version: 4
162
162
  summary: Sanitizing middleware for sentry-ruby gem