sqreen-alt 1.13.2 → 1.13.4
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b7a897cefdb6a040f3833e14b4588c9f93a91e066b2e81f09c2e31b8ed93f06f
|
|
4
|
+
data.tar.gz: ce62d2759be30d1ff96e5c90d7a1e96d28ea38c7a9a88b9487b80aeb7106e07e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4c944e628dcfaaef7c6102cb8ce7bcf5455537e5a8fb0f3be435b59c531a173e4e4976acf028bccfafe9e9b51cf74bfc56d4b803063fd8cae12d1f74493528a5
|
|
7
|
+
data.tar.gz: 90f5b62eccafc3c19018333011cde0c9543cee3b92e92f57fec2749cada564d808e179c13d53fa75787b3344c603a679dfccb6e6020e55a403004967bb3e5db3
|
data/lib/sqreen/configuration.rb
CHANGED
|
@@ -52,8 +52,14 @@ module Sqreen
|
|
|
52
52
|
else
|
|
53
53
|
res[:request] = {}
|
|
54
54
|
end
|
|
55
|
+
|
|
55
56
|
res[:request][:parameters] = payload['params'] if payload['params']
|
|
56
57
|
res[:request][:headers] = payload['headers'] if payload['headers']
|
|
58
|
+
|
|
59
|
+
if Sqreen.config_get(:strip_sensitive_data)
|
|
60
|
+
res[:request] = SensitiveDataRedactor.redact(res[:request])
|
|
61
|
+
end
|
|
62
|
+
|
|
57
63
|
res
|
|
58
64
|
end
|
|
59
65
|
|
|
@@ -96,4 +102,31 @@ module Sqreen
|
|
|
96
102
|
nil
|
|
97
103
|
end
|
|
98
104
|
end
|
|
105
|
+
|
|
106
|
+
# For redacting sensitive data and avoid having it sent to our servers
|
|
107
|
+
class SensitiveDataRedactor
|
|
108
|
+
SENSITIVE_KEYS = Set.new(%w[password secret passwd authorization api_key apikey access_token]).freeze
|
|
109
|
+
MASK = '<Redacted by Sqreen>'.freeze
|
|
110
|
+
REGEX = /\A(?:\d[ -]*?){13,16}\z/
|
|
111
|
+
|
|
112
|
+
def self.redact(obj)
|
|
113
|
+
case obj
|
|
114
|
+
when String
|
|
115
|
+
return MASK if obj =~ REGEX
|
|
116
|
+
|
|
117
|
+
when Array
|
|
118
|
+
return obj.map(&method(:redact))
|
|
119
|
+
|
|
120
|
+
when Hash
|
|
121
|
+
return Hash[
|
|
122
|
+
obj.map do |k, v|
|
|
123
|
+
ck = k.is_a?(String) ? k.downcase : k
|
|
124
|
+
[k, SENSITIVE_KEYS.include?(ck) ? MASK : redact(v)]
|
|
125
|
+
end
|
|
126
|
+
]
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
obj
|
|
130
|
+
end
|
|
131
|
+
end
|
|
99
132
|
end
|
|
@@ -393,6 +393,7 @@ module Sqreen
|
|
|
393
393
|
each_key_value_for_hash(p) do |value|
|
|
394
394
|
next unless value.is_a?(String)
|
|
395
395
|
next if value.size < 5
|
|
396
|
+
value = value.force_encoding(Encoding::ISO_8859_1).encode(Encoding::UTF_8) unless value.valid_encoding?
|
|
396
397
|
next if regexp && !regexp.match?(value)
|
|
397
398
|
parm << value
|
|
398
399
|
end
|
|
@@ -410,6 +411,7 @@ module Sqreen
|
|
|
410
411
|
each_key_value_for_hash(p) do |value|
|
|
411
412
|
next unless value.is_a?(String)
|
|
412
413
|
next if value.size < 5
|
|
414
|
+
value = value.force_encoding(Encoding::ISO_8859_1).encode(Encoding::UTF_8) unless value.valid_encoding?
|
|
413
415
|
next if regexp && !regexp.match(value)
|
|
414
416
|
parm << value
|
|
415
417
|
end
|
|
@@ -140,7 +140,8 @@ module Sqreen
|
|
|
140
140
|
tag = ret
|
|
141
141
|
if tag.value[:escape_html] == false &&
|
|
142
142
|
tag.value[:value].respond_to?(:include?) &&
|
|
143
|
-
!tag.value[:value].include?('html_escape')
|
|
143
|
+
!tag.value[:value].include?('html_escape') &&
|
|
144
|
+
tag.value[:parse] == true
|
|
144
145
|
tag.value[:value] = "Sqreen.escape_haml((#{tag.value[:value]}))"
|
|
145
146
|
return { :status => :override, :new_return_value => tag }
|
|
146
147
|
end
|
data/lib/sqreen/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sqreen-alt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.13.
|
|
4
|
+
version: 1.13.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sqreen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-08-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: execjs
|