sentry-sanitizer 0.5.1 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f5e72465155d2d2f7cfca7b160dfced31c2c85543670e7b863fae6cd73c6d0a7
4
- data.tar.gz: 0fd2e9911a2a89ff07be1dd899cbf02e000ac277c81bc55f8f09ddab3d3ac5fe
3
+ metadata.gz: f83f2a0c9bb759f6f43b1b25f3219e403123d8bdade87f5aa8f6838269e432e7
4
+ data.tar.gz: 9230c77fb3a9a178d457068e2ca03f5e8491f0778ff1cb8d76e8c2a612b6c409
5
5
  SHA512:
6
- metadata.gz: 32d5b51b6426f5ee5fd808e5cf2c2483170d16128e211091f8040a34364a7f0a6b049ed2d65c96c555ece5825332327e4af6eb5818e94a71f244a85c57af2c41
7
- data.tar.gz: 1ba0f966fb062fdf220751af4af907db6a323f3b982051e62ec7b599e3e9f4c95a51003853cee0afcdb8b1b14bacc78861642c4deb8a0a75938e4380fa11cd6a
6
+ metadata.gz: b7ec44c8b25b101d9fb01ec0472e1e6338db2c9d5385599f91341c911c9754951005d574d86a868fb13a4120c2a517e91d2334e2b9e93e4253adff9d0d77babf
7
+ data.tar.gz: 52e91220a7cc128f9c02e20889187cf2c2fe23bd7061b2e01e359f12b9da175fdc2a8218891676513b8ccc280da4afc0c3bf39e95dfabfecfaf1416b422fea67
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- sentry-sanitizer (0.5.1)
4
+ sentry-sanitizer (0.6.0)
5
5
  sentry-ruby (~> 5.3)
6
6
 
7
7
  GEM
data/README.md CHANGED
@@ -12,6 +12,7 @@ Currently this gem provides following features
12
12
  - [x] Sanitizing POST params
13
13
  - [x] Sanitizing HTTP headers
14
14
  - [x] Sanitizing cookies
15
+ - [x] Sanitizing query string
15
16
  - [x] Sanitizing extras ([see](https://docs.sentry.io/platforms/ruby/enriching-events/context/#additional-data) `Sentry.set_extras`)
16
17
 
17
18
  ## Installation
@@ -13,6 +13,7 @@ module Sentry
13
13
  @fields = config.fields || []
14
14
  @http_headers = config.http_headers || DEFAULT_SENSITIVE_HEADERS
15
15
  @do_cookies = config.cookies || false
16
+ @do_query_string = config.query_string || false
16
17
  end
17
18
 
18
19
  def call(event)
@@ -33,14 +34,17 @@ module Sentry
33
34
  event.request.data = sanitize_data(event.request.data)
34
35
  event.request.headers = sanitize_headers(event.request.headers)
35
36
  event.request.cookies = sanitize_cookies(event.request.cookies)
37
+ event.request.query_string = sanitize_query_string(event.request.query_string)
36
38
  when :stringified_hash
37
39
  event['request']['data'] = sanitize_data(event['request']['data'])
38
40
  event['request']['headers'] = sanitize_headers(event['request']['headers'])
39
41
  event['request']['cookies'] = sanitize_cookies(event['request']['cookies'])
42
+ event['request']['query_string'] = sanitize_query_string(event['request']['query_string'])
40
43
  when :symbolized_hash
41
44
  event[:request][:data] = sanitize_data(event[:request][:data])
42
45
  event[:request][:headers] = sanitize_headers(event[:request][:headers])
43
46
  event[:request][:cookies] = sanitize_cookies(event[:request][:cookies])
47
+ event[:request][:query_string] = sanitize_query_string(event[:request][:query_string])
44
48
  end
45
49
  end
46
50
 
@@ -53,7 +57,7 @@ module Sentry
53
57
 
54
58
  private
55
59
 
56
- attr_reader :fields, :http_headers, :do_cookies
60
+ attr_reader :fields, :http_headers, :do_cookies, :do_query_string
57
61
 
58
62
  # Sanitize specified headers
59
63
  def sanitize_headers(headers)
@@ -76,12 +80,26 @@ module Sentry
76
80
 
77
81
  # Sanitize all cookies
78
82
  def sanitize_cookies(cookies)
79
- return cookies unless cookies.is_a? Hash
80
83
  return cookies unless do_cookies
84
+ return cookies unless cookies.is_a? Hash
81
85
 
82
86
  cookies.transform_values { DEFAULT_MASK }
83
87
  end
84
88
 
89
+ def sanitize_query_string(query_string)
90
+ return query_string unless do_query_string
91
+ return query_string unless query_string.is_a? String
92
+
93
+ sanitized_array = query_string.split('&').map do |kv_pair|
94
+ k, v = kv_pair.split('=')
95
+ new_v = sanitize_string(k, v)
96
+
97
+ "#{k}=#{new_v}"
98
+ end
99
+
100
+ sanitized_array.join('&')
101
+ end
102
+
85
103
  def sanitize_value(value, key)
86
104
  case value
87
105
  when Hash
@@ -24,10 +24,10 @@ module Sentry
24
24
 
25
25
  module Sanitizer
26
26
  class Configuration
27
- attr_accessor :fields, :http_headers, :cookies
27
+ attr_accessor :fields, :http_headers, :cookies, :query_string
28
28
 
29
29
  def configured?
30
- [fields, http_headers, cookies].any? { |setting| !setting.nil? }
30
+ [fields, http_headers, cookies, query_string].any? { |setting| !setting.nil? }
31
31
  end
32
32
 
33
33
  def fields=(fields)
@@ -48,11 +48,19 @@ module Sentry
48
48
 
49
49
  def cookies=(cookies)
50
50
  unless [TrueClass, FalseClass].include?(cookies.class)
51
- raise ArgumentError, 'sanitize_cookies must be boolean'
51
+ raise ArgumentError, 'cookies must be boolean'
52
52
  end
53
53
 
54
54
  @cookies = cookies
55
55
  end
56
+
57
+ def query_string=(query_string)
58
+ unless [TrueClass, FalseClass].include?(query_string.class)
59
+ raise ArgumentError, 'query_string must be boolean'
60
+ end
61
+
62
+ @query_string = query_string
63
+ end
56
64
  end
57
65
  end
58
66
  end
@@ -1,5 +1,5 @@
1
1
  module Sentry
2
2
  module Sanitizer
3
- VERSION = '0.5.1'
3
+ VERSION = '0.6.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sentry-sanitizer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.1
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Valentine Kiselev
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-08 00:00:00.000000000 Z
11
+ date: 2022-09-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: codecov
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
156
156
  - !ruby/object:Gem::Version
157
157
  version: '0'
158
158
  requirements: []
159
- rubygems_version: 3.1.2
159
+ rubygems_version: 3.2.3
160
160
  signing_key:
161
161
  specification_version: 4
162
162
  summary: Sanitizing middleware for sentry-ruby gem