sentry-sanitizer 0.5.1 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +1 -0
- data/lib/sentry/sanitizer/cleaner.rb +20 -2
- data/lib/sentry/sanitizer/configuration.rb +11 -3
- data/lib/sentry/sanitizer/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f83f2a0c9bb759f6f43b1b25f3219e403123d8bdade87f5aa8f6838269e432e7
|
4
|
+
data.tar.gz: 9230c77fb3a9a178d457068e2ca03f5e8491f0778ff1cb8d76e8c2a612b6c409
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b7ec44c8b25b101d9fb01ec0472e1e6338db2c9d5385599f91341c911c9754951005d574d86a868fb13a4120c2a517e91d2334e2b9e93e4253adff9d0d77babf
|
7
|
+
data.tar.gz: 52e91220a7cc128f9c02e20889187cf2c2fe23bd7061b2e01e359f12b9da175fdc2a8218891676513b8ccc280da4afc0c3bf39e95dfabfecfaf1416b422fea67
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -12,6 +12,7 @@ Currently this gem provides following features
|
|
12
12
|
- [x] Sanitizing POST params
|
13
13
|
- [x] Sanitizing HTTP headers
|
14
14
|
- [x] Sanitizing cookies
|
15
|
+
- [x] Sanitizing query string
|
15
16
|
- [x] Sanitizing extras ([see](https://docs.sentry.io/platforms/ruby/enriching-events/context/#additional-data) `Sentry.set_extras`)
|
16
17
|
|
17
18
|
## Installation
|
@@ -13,6 +13,7 @@ module Sentry
|
|
13
13
|
@fields = config.fields || []
|
14
14
|
@http_headers = config.http_headers || DEFAULT_SENSITIVE_HEADERS
|
15
15
|
@do_cookies = config.cookies || false
|
16
|
+
@do_query_string = config.query_string || false
|
16
17
|
end
|
17
18
|
|
18
19
|
def call(event)
|
@@ -33,14 +34,17 @@ module Sentry
|
|
33
34
|
event.request.data = sanitize_data(event.request.data)
|
34
35
|
event.request.headers = sanitize_headers(event.request.headers)
|
35
36
|
event.request.cookies = sanitize_cookies(event.request.cookies)
|
37
|
+
event.request.query_string = sanitize_query_string(event.request.query_string)
|
36
38
|
when :stringified_hash
|
37
39
|
event['request']['data'] = sanitize_data(event['request']['data'])
|
38
40
|
event['request']['headers'] = sanitize_headers(event['request']['headers'])
|
39
41
|
event['request']['cookies'] = sanitize_cookies(event['request']['cookies'])
|
42
|
+
event['request']['query_string'] = sanitize_query_string(event['request']['query_string'])
|
40
43
|
when :symbolized_hash
|
41
44
|
event[:request][:data] = sanitize_data(event[:request][:data])
|
42
45
|
event[:request][:headers] = sanitize_headers(event[:request][:headers])
|
43
46
|
event[:request][:cookies] = sanitize_cookies(event[:request][:cookies])
|
47
|
+
event[:request][:query_string] = sanitize_query_string(event[:request][:query_string])
|
44
48
|
end
|
45
49
|
end
|
46
50
|
|
@@ -53,7 +57,7 @@ module Sentry
|
|
53
57
|
|
54
58
|
private
|
55
59
|
|
56
|
-
attr_reader :fields, :http_headers, :do_cookies
|
60
|
+
attr_reader :fields, :http_headers, :do_cookies, :do_query_string
|
57
61
|
|
58
62
|
# Sanitize specified headers
|
59
63
|
def sanitize_headers(headers)
|
@@ -76,12 +80,26 @@ module Sentry
|
|
76
80
|
|
77
81
|
# Sanitize all cookies
|
78
82
|
def sanitize_cookies(cookies)
|
79
|
-
return cookies unless cookies.is_a? Hash
|
80
83
|
return cookies unless do_cookies
|
84
|
+
return cookies unless cookies.is_a? Hash
|
81
85
|
|
82
86
|
cookies.transform_values { DEFAULT_MASK }
|
83
87
|
end
|
84
88
|
|
89
|
+
def sanitize_query_string(query_string)
|
90
|
+
return query_string unless do_query_string
|
91
|
+
return query_string unless query_string.is_a? String
|
92
|
+
|
93
|
+
sanitized_array = query_string.split('&').map do |kv_pair|
|
94
|
+
k, v = kv_pair.split('=')
|
95
|
+
new_v = sanitize_string(k, v)
|
96
|
+
|
97
|
+
"#{k}=#{new_v}"
|
98
|
+
end
|
99
|
+
|
100
|
+
sanitized_array.join('&')
|
101
|
+
end
|
102
|
+
|
85
103
|
def sanitize_value(value, key)
|
86
104
|
case value
|
87
105
|
when Hash
|
@@ -24,10 +24,10 @@ module Sentry
|
|
24
24
|
|
25
25
|
module Sanitizer
|
26
26
|
class Configuration
|
27
|
-
attr_accessor :fields, :http_headers, :cookies
|
27
|
+
attr_accessor :fields, :http_headers, :cookies, :query_string
|
28
28
|
|
29
29
|
def configured?
|
30
|
-
[fields, http_headers, cookies].any? { |setting| !setting.nil? }
|
30
|
+
[fields, http_headers, cookies, query_string].any? { |setting| !setting.nil? }
|
31
31
|
end
|
32
32
|
|
33
33
|
def fields=(fields)
|
@@ -48,11 +48,19 @@ module Sentry
|
|
48
48
|
|
49
49
|
def cookies=(cookies)
|
50
50
|
unless [TrueClass, FalseClass].include?(cookies.class)
|
51
|
-
raise ArgumentError, '
|
51
|
+
raise ArgumentError, 'cookies must be boolean'
|
52
52
|
end
|
53
53
|
|
54
54
|
@cookies = cookies
|
55
55
|
end
|
56
|
+
|
57
|
+
def query_string=(query_string)
|
58
|
+
unless [TrueClass, FalseClass].include?(query_string.class)
|
59
|
+
raise ArgumentError, 'query_string must be boolean'
|
60
|
+
end
|
61
|
+
|
62
|
+
@query_string = query_string
|
63
|
+
end
|
56
64
|
end
|
57
65
|
end
|
58
66
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sentry-sanitizer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Valentine Kiselev
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-09-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: codecov
|
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
156
156
|
- !ruby/object:Gem::Version
|
157
157
|
version: '0'
|
158
158
|
requirements: []
|
159
|
-
rubygems_version: 3.
|
159
|
+
rubygems_version: 3.2.3
|
160
160
|
signing_key:
|
161
161
|
specification_version: 4
|
162
162
|
summary: Sanitizing middleware for sentry-ruby gem
|