songkick-transport 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
data/README.rdoc
CHANGED
|
@@ -253,6 +253,11 @@ This method accepts both strings and regexes. Any parameter name (as serialized
|
|
|
253
253
|
in a query string) that matches one of these will be logged as e.g.
|
|
254
254
|
<tt>password=[REMOVED]</tt>.
|
|
255
255
|
|
|
256
|
+
It also sanitizes custom headers that are put in the logs, so you might want to
|
|
257
|
+
exclude headers used for authentication:
|
|
258
|
+
|
|
259
|
+
Songkick::Transport.sanitize /Authorization/i, /Cookie/i
|
|
260
|
+
|
|
256
261
|
There is also a more advanced reporting system that lets you aggregate request
|
|
257
262
|
statistics. During a request to a web application, many requests to backend
|
|
258
263
|
services may be involved. The repoting system lets you collect information about
|
|
@@ -7,7 +7,7 @@ module Songkick
|
|
|
7
7
|
HTTP_VERBS.each do |verb|
|
|
8
8
|
class_eval %{
|
|
9
9
|
def #{verb}(path, params = {}, head = {}, timeout = nil)
|
|
10
|
-
req = Request.new(endpoint, '#{verb}', path, params, headers.merge(head), timeout)
|
|
10
|
+
req = Request.new(endpoint, '#{verb}', path, params, headers.merge(head), timeout, Time.now)
|
|
11
11
|
Reporting.log_request(req)
|
|
12
12
|
|
|
13
13
|
response = execute_request(req)
|
|
@@ -63,6 +63,10 @@ module Songkick
|
|
|
63
63
|
def to_s
|
|
64
64
|
url = Serialization.build_url(@verb, @endpoint, @path, @params, true)
|
|
65
65
|
command = "#{@verb.upcase} '#{url}'"
|
|
66
|
+
@headers.each do |key, value|
|
|
67
|
+
value = Serialization::SANITIZED_VALUE if Serialization.sanitize?(key)
|
|
68
|
+
command << " -H '#{key}: #{value}'"
|
|
69
|
+
end
|
|
66
70
|
return command unless use_body?
|
|
67
71
|
query = Serialization.build_query_string(params, true, true)
|
|
68
72
|
command << " -H 'Content-Type: #{content_type}'"
|
|
@@ -16,9 +16,7 @@ module Songkick
|
|
|
16
16
|
def build_query_string(params, fully_encode = true, sanitize = false)
|
|
17
17
|
pairs = []
|
|
18
18
|
each_qs_param('', params) do |key, value|
|
|
19
|
-
if sanitize and sanitize?(key)
|
|
20
|
-
value = SANITIZED_VALUE
|
|
21
|
-
end
|
|
19
|
+
value = SANITIZED_VALUE if sanitize and sanitize?(key)
|
|
22
20
|
pairs << [key, value]
|
|
23
21
|
end
|
|
24
22
|
if fully_encode
|
|
@@ -5,8 +5,12 @@ describe Songkick::Transport::Request do
|
|
|
5
5
|
{:username => "Louis", :password => "CK", :access => {:token => "foo"}}
|
|
6
6
|
end
|
|
7
7
|
|
|
8
|
+
let :headers do
|
|
9
|
+
{"Authorization" => "Hello"}
|
|
10
|
+
end
|
|
11
|
+
|
|
8
12
|
let :get_request do
|
|
9
|
-
Songkick::Transport::Request.new("www.example.com", "GET", "/", params)
|
|
13
|
+
Songkick::Transport::Request.new("www.example.com", "GET", "/", params, headers)
|
|
10
14
|
end
|
|
11
15
|
|
|
12
16
|
let :post_request do
|
|
@@ -20,7 +24,7 @@ describe Songkick::Transport::Request do
|
|
|
20
24
|
describe :to_s do
|
|
21
25
|
context "with a get request" do
|
|
22
26
|
it "returns the request as a curl command" do
|
|
23
|
-
pattern = %r{^GET 'www.example.com/\?([^']+)'$}
|
|
27
|
+
pattern = %r{^GET 'www.example.com/\?([^']+)' -H 'Authorization: Hello'$}
|
|
24
28
|
get_request.to_s.should =~ pattern
|
|
25
29
|
query(get_request, pattern).should == ["access[token]=foo", "password=CK", "username=Louis"]
|
|
26
30
|
end
|
|
@@ -36,12 +40,12 @@ describe Songkick::Transport::Request do
|
|
|
36
40
|
|
|
37
41
|
describe "with query sanitization" do
|
|
38
42
|
before do
|
|
39
|
-
Songkick::Transport.stub(:sanitized_params).and_return [/password/, "access[token]"]
|
|
43
|
+
Songkick::Transport.stub(:sanitized_params).and_return [/password/, "access[token]", /Authorization/i]
|
|
40
44
|
end
|
|
41
45
|
|
|
42
46
|
context "with a get request" do
|
|
43
47
|
it "removes the parameter values from the request" do
|
|
44
|
-
pattern = %r{^GET 'www.example.com/\?([^']+)'$}
|
|
48
|
+
pattern = %r{^GET 'www.example.com/\?([^']+)' -H 'Authorization: \[REMOVED\]'$}
|
|
45
49
|
get_request.to_s.should =~ pattern
|
|
46
50
|
query(get_request, pattern).should == ["access[token]=[REMOVED]", "password=[REMOVED]", "username=Louis"]
|
|
47
51
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: songkick-transport
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-07-
|
|
12
|
+
date: 2012-07-31 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: multipart-post
|