sentry-sanitizer 0.6.0 → 0.6.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +3 -0
- data/lib/sentry/sanitizer/cleaner.rb +18 -13
- data/lib/sentry/sanitizer/configuration.rb +19 -2
- data/lib/sentry/sanitizer/configuration_mixin.rb +5 -2
- data/lib/sentry/sanitizer/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 28b8d09f046de5bcc8a49a8d45bb6085fcd8cc7a75b45c124d3852ed10d0d6a8
|
|
4
|
+
data.tar.gz: 81ca424f2d0621de3145ce51e33b832eae035b0a47b3d1e34ef12405e9635682
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7d0071d14501f30602faf1a8f9cbd66616a5f8f466f452e0e6d2f7c60c6fc5728b8bfcf9a29fb114945096b90b1b8d62fe44c4379372f724884c9e8820f6b2ff
|
|
7
|
+
data.tar.gz: 7bc07680b68c911b4ac150a3aeb7896ed7494700d74f9d5f6da2a2476e682d5fad35609e517c1aee3097f2f9994a2f54600966c201bcc0263475de964f41ccb7
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -14,37 +14,38 @@ module Sentry
|
|
|
14
14
|
@http_headers = config.http_headers || DEFAULT_SENSITIVE_HEADERS
|
|
15
15
|
@do_cookies = config.cookies || false
|
|
16
16
|
@do_query_string = config.query_string || false
|
|
17
|
+
@mask = config.mask || DEFAULT_MASK
|
|
17
18
|
end
|
|
18
19
|
|
|
19
20
|
def call(event)
|
|
20
21
|
if event.is_a?(Sentry::Event)
|
|
21
|
-
|
|
22
|
-
event.extra = sanitize_data(event.extra)
|
|
22
|
+
sanitize(event, :object) if event.request
|
|
23
23
|
elsif event.is_a?(Hash)
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
event['extra'] = sanitize_data(event['extra']) if event['extra']
|
|
27
|
-
event[:extra] = sanitize_data(event[:extra]) if event[:extra]
|
|
24
|
+
sanitize(event, :stringified_hash) if event['request']
|
|
25
|
+
sanitize(event, :symbolized_hash) if event[:request]
|
|
28
26
|
end
|
|
29
27
|
end
|
|
30
28
|
|
|
31
|
-
def
|
|
29
|
+
def sanitize(event, type)
|
|
32
30
|
case type
|
|
33
31
|
when :object
|
|
34
32
|
event.request.data = sanitize_data(event.request.data)
|
|
35
33
|
event.request.headers = sanitize_headers(event.request.headers)
|
|
36
34
|
event.request.cookies = sanitize_cookies(event.request.cookies)
|
|
37
35
|
event.request.query_string = sanitize_query_string(event.request.query_string)
|
|
36
|
+
event.extra = sanitize_data(event.extra)
|
|
38
37
|
when :stringified_hash
|
|
39
38
|
event['request']['data'] = sanitize_data(event['request']['data'])
|
|
40
39
|
event['request']['headers'] = sanitize_headers(event['request']['headers'])
|
|
41
40
|
event['request']['cookies'] = sanitize_cookies(event['request']['cookies'])
|
|
42
41
|
event['request']['query_string'] = sanitize_query_string(event['request']['query_string'])
|
|
42
|
+
event['extra'] = sanitize_data(event['extra'])
|
|
43
43
|
when :symbolized_hash
|
|
44
44
|
event[:request][:data] = sanitize_data(event[:request][:data])
|
|
45
45
|
event[:request][:headers] = sanitize_headers(event[:request][:headers])
|
|
46
46
|
event[:request][:cookies] = sanitize_cookies(event[:request][:cookies])
|
|
47
47
|
event[:request][:query_string] = sanitize_query_string(event[:request][:query_string])
|
|
48
|
+
event[:extra] = sanitize_data(event[:extra])
|
|
48
49
|
end
|
|
49
50
|
end
|
|
50
51
|
|
|
@@ -57,19 +58,23 @@ module Sentry
|
|
|
57
58
|
|
|
58
59
|
private
|
|
59
60
|
|
|
60
|
-
attr_reader :fields,
|
|
61
|
+
attr_reader :fields,
|
|
62
|
+
:http_headers,
|
|
63
|
+
:do_cookies,
|
|
64
|
+
:do_query_string,
|
|
65
|
+
:mask
|
|
61
66
|
|
|
62
67
|
# Sanitize specified headers
|
|
63
68
|
def sanitize_headers(headers)
|
|
64
69
|
case http_headers
|
|
65
70
|
when TrueClass
|
|
66
|
-
headers.transform_values {
|
|
71
|
+
headers.transform_values { mask }
|
|
67
72
|
when Array
|
|
68
73
|
return headers unless http_headers.size.positive?
|
|
69
74
|
http_headers_regex = sensitive_regexp(http_headers)
|
|
70
75
|
|
|
71
76
|
headers.keys.select { |key| key.match?(http_headers_regex) }.each do |key|
|
|
72
|
-
headers[key] =
|
|
77
|
+
headers[key] = mask
|
|
73
78
|
end
|
|
74
79
|
|
|
75
80
|
headers
|
|
@@ -83,7 +88,7 @@ module Sentry
|
|
|
83
88
|
return cookies unless do_cookies
|
|
84
89
|
return cookies unless cookies.is_a? Hash
|
|
85
90
|
|
|
86
|
-
cookies.transform_values {
|
|
91
|
+
cookies.transform_values { mask }
|
|
87
92
|
end
|
|
88
93
|
|
|
89
94
|
def sanitize_query_string(query_string)
|
|
@@ -115,7 +120,7 @@ module Sentry
|
|
|
115
120
|
|
|
116
121
|
def sanitize_hash(key, value)
|
|
117
122
|
if key&.match?(sensitive_fields)
|
|
118
|
-
|
|
123
|
+
mask
|
|
119
124
|
elsif value.frozen?
|
|
120
125
|
value.merge(value) { |k, v| sanitize_value(v, k) }
|
|
121
126
|
else
|
|
@@ -132,7 +137,7 @@ module Sentry
|
|
|
132
137
|
end
|
|
133
138
|
|
|
134
139
|
def sanitize_string(key, value)
|
|
135
|
-
key&.match?(sensitive_fields) ?
|
|
140
|
+
key&.match?(sensitive_fields) ? mask : value
|
|
136
141
|
end
|
|
137
142
|
|
|
138
143
|
def sensitive_fields
|
|
@@ -24,10 +24,19 @@ module Sentry
|
|
|
24
24
|
|
|
25
25
|
module Sanitizer
|
|
26
26
|
class Configuration
|
|
27
|
-
attr_accessor :fields,
|
|
27
|
+
attr_accessor :fields,
|
|
28
|
+
:http_headers,
|
|
29
|
+
:cookies,
|
|
30
|
+
:query_string,
|
|
31
|
+
:mask
|
|
28
32
|
|
|
29
33
|
def configured?
|
|
30
|
-
[
|
|
34
|
+
[
|
|
35
|
+
fields,
|
|
36
|
+
http_headers,
|
|
37
|
+
cookies,
|
|
38
|
+
query_string
|
|
39
|
+
].any? { |setting| !setting.nil? }
|
|
31
40
|
end
|
|
32
41
|
|
|
33
42
|
def fields=(fields)
|
|
@@ -61,6 +70,14 @@ module Sentry
|
|
|
61
70
|
|
|
62
71
|
@query_string = query_string
|
|
63
72
|
end
|
|
73
|
+
|
|
74
|
+
def mask=(mask)
|
|
75
|
+
unless mask.is_a?(String)
|
|
76
|
+
raise ArgumentError, 'mask must be string'
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
@mask = mask
|
|
80
|
+
end
|
|
64
81
|
end
|
|
65
82
|
end
|
|
66
83
|
end
|
|
@@ -2,12 +2,15 @@ module Sentry
|
|
|
2
2
|
module Sanitizer
|
|
3
3
|
module ConfigurationMixin
|
|
4
4
|
# Allow adding multiple hooks for this extension
|
|
5
|
+
#
|
|
6
|
+
# @param [nil, false, #call] value
|
|
7
|
+
#
|
|
5
8
|
def before_send=(value)
|
|
6
|
-
unless value == nil || value.respond_to?(:call)
|
|
9
|
+
unless value == nil || value == false || value.respond_to?(:call)
|
|
7
10
|
raise ArgumentError, "before_send must be callable (or false to disable)"
|
|
8
11
|
end
|
|
9
12
|
|
|
10
|
-
return
|
|
13
|
+
return unless value
|
|
11
14
|
|
|
12
15
|
@before_send_hook_list ||= []
|
|
13
16
|
@before_send_hook_list << value
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sentry-sanitizer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.6.
|
|
4
|
+
version: 0.6.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Valentine Kiselev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-11-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: codecov
|
|
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
156
156
|
- !ruby/object:Gem::Version
|
|
157
157
|
version: '0'
|
|
158
158
|
requirements: []
|
|
159
|
-
rubygems_version: 3.2.
|
|
159
|
+
rubygems_version: 3.2.32
|
|
160
160
|
signing_key:
|
|
161
161
|
specification_version: 4
|
|
162
162
|
summary: Sanitizing middleware for sentry-ruby gem
|