sqreen 1.1.01481108064-java → 1.1.11481117869-java

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a9d3f7c3fc865a93d78175383a7f424176a288c1
4
- data.tar.gz: 26617b49da228995435b7940a0723201895d41f3
3
+ metadata.gz: 0380f38a3af0fbb87e91fb92c71261300ac8e705
4
+ data.tar.gz: e26603f5e01edd06550f54bb66ae4b202b24e5fc
5
5
  SHA512:
6
- metadata.gz: df9fc5626f01080a479cb72ccea334b06d6c04c62a2fa142c34f5f9cb411e484ca333ea0663a79fa8e7109f5f9dff077f1f116631e17f57383433df410f153e6
7
- data.tar.gz: 3da6a48af4310d9fdb6f251b85401ef2ae3ab9ba9ca089c0612be02012f59e0b1671e02c0a29740a8f6bba63a0c6485acbf0ff6c37c94030226c639a31d3a581
6
+ metadata.gz: b274e896a689f03dbc034ee62ffb06761dfa7361665606bd7d31261a8fdfcc978361e832ad221ab2ceaf767a99eeb7b2bd49b6727b6c578b0c0d545795b48e1e
7
+ data.tar.gz: 5de74d338c25967869f36a2f6a6da4700d342ea544b0c3db30d7738bc0d0f0cfd490322e12e4f1a35964712f2e6338a817266243888848156fe8946807aaebaa
@@ -54,6 +54,7 @@ module Sqreen
54
54
  res[:request] = request_p if request_p
55
55
  res[:params] = payload['params'] if payload['params']
56
56
  res[:context] = payload['context'] if payload['context']
57
+ res[:headers] = payload['headers'] if payload['headers']
57
58
  res
58
59
  end
59
60
  end
@@ -40,6 +40,7 @@ module Sqreen
40
40
  :client_ip => payload['client_ip'],
41
41
  },
42
42
  :request => payload['request_infos'],
43
+ :headers => payload['headers'],
43
44
  :rule_name => payload['rule_name'],
44
45
  :rulespack_id => payload['rulespack_id'],
45
46
  }
@@ -2,6 +2,9 @@
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
 
4
4
  require 'sqreen/events/remote_exception'
5
+ require 'sqreen/callbacks'
6
+ require 'sqreen/exception'
7
+ require 'sqreen/log'
5
8
 
6
9
  module Sqreen
7
10
  module Frameworks
@@ -33,14 +36,49 @@ module Sqreen
33
36
  }
34
37
  end
35
38
 
39
+ def ip_headers
40
+ req = request
41
+ return [] unless req
42
+ ips = []
43
+ %w(HTTP_X_FORWARDED_FOR HTTP_CLIENT_IP HTTP_X_REAL_IP HTTP_X_FORWARDED
44
+ HTTP_X_CLUSTER_CLIENT_IP HTTP_FORWARDED_FOR HTTP_FORWARDED HTTP_VIA
45
+ REMOTE_ADDR).each do |header|
46
+ v = req.env[header]
47
+ ips << [header, v] unless v.nil?
48
+ end
49
+ ips << ['rack.ip', req.ip] if req.respond_to?(:ip)
50
+ ips
51
+ end
52
+
53
+ # What is the current client IP as seen by rack
54
+ def rack_client_ip
55
+ req = request
56
+ return nil unless req
57
+ return req.ip if req.respond_to?(:ip)
58
+ req.env['REMOTE_ADDR']
59
+ end
60
+
61
+ # Sourced from rack:Request#trusted_proxy?
62
+ TRUSTED_PROXIES = /\A127\.0\.0\.1\Z|\A(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|\A::1\Z|\Afd[0-9a-f]{2}:.+|\Alocalhost\Z|\Aunix\Z|\Aunix:/i
63
+
36
64
  # What is the current client IP
37
65
  def client_ip
38
66
  req = request
39
67
  return nil unless req
40
- return req.ip if req.respond_to?(:ip)
68
+ forwarded = req.env['HTTP_X_FORWARDED_FOR']
69
+ ips = split_ip_addresses(forwarded)
70
+ last = ips.reject { |ip| ip =~ TRUSTED_PROXIES }.first
71
+ return last unless last.nil?
41
72
  req.env['REMOTE_ADDR']
42
73
  end
43
74
 
75
+ # Get a header by name
76
+ def header(name)
77
+ req = request
78
+ return nil unless req
79
+ req.env[name]
80
+ end
81
+
44
82
  def hostname
45
83
  req = request
46
84
  return nil unless req
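Review bot: In `client_ip`, `ips.reject { |ip| ip =~ TRUSTED_PROXIES }.first` selects the leftmost non-private entry of `HTTP_X_FORWARDED_FOR`, which is the part of the header the client itself supplies, even though the variable is named `last`. Proxies append on the right, so the value to report is the rightmost entry that is not a trusted proxy, and the header should only be consulted when the direct peer is itself trusted: `return req.env['REMOTE_ADDR'] unless req.env['REMOTE_ADDR'] =~ TRUSTED_PROXIES` followed by `last = ips.reject { |ip| ip =~ TRUSTED_PROXIES }.last`. As written, anything keyed on `client_ip` (attribution, allow or deny decisions) can receive an arbitrary string, since the entries are never checked to be IP addresses. `split_ip_addresses` is defined in a later hunk of what appears to be the same file, and `hostname` at the end of this hunk continues outside it.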
@@ -277,6 +315,12 @@ module Sqreen
277
315
  @cannot_load_rack = true
278
316
  false
279
317
  end
318
+
319
+ private
320
+
321
+ def split_ip_addresses(ip_addresses)
322
+ ip_addresses ? ip_addresses.strip.split(/[,\s]+/) : []
323
+ end
280
324
  end
281
325
  end
282
326
  end
@@ -38,19 +38,24 @@ module Sqreen
38
38
  [db_type, db_infos]
39
39
  end
40
40
 
41
- def client_ip
42
- request = SharedStorage.get :request
43
- return unless request && request.env
44
- remote_ip = request.env['action_dispatch.remote_ip']
45
- return super unless remote_ip
41
+ def ip_headers
42
+ ret = super
43
+ remote_ip = rails_client_ip
44
+ ret << ['action_dispatch.remote_ip', remote_ip] unless remote_ip.nil?
45
+ ret
46
+ end
47
+
48
+ # What is the current client IP as seen by rails
49
+ def rails_client_ip
50
+ req = request
51
+ return unless req && req.env
52
+ remote_ip = req.env['action_dispatch.remote_ip']
53
+ return unless remote_ip
46
54
  # FIXME: - this exist only since Rails 3.2.1
47
55
  # http://apidock.com/rails/v3.2.1/ActionDispatch/RemoteIp/GetIp/calculate_ip
48
- if remote_ip.respond_to?(:calculate_ip)
49
- return remote_ip.calculate_ip
50
- else
51
- # This might not return the same value as calculate IP
52
- return remote_ip.to_s
53
- end
56
+ return remote_ip.calculate_ip if remote_ip.respond_to?(:calculate_ip)
57
+ # This might not return the same value as calculate IP
58
+ remote_ip.to_s
54
59
  end
55
60
 
56
61
  def request_id
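Review bot: Removing the Rails `client_ip` override means Rails apps presumably fall through to the inherited `client_ip`, which parses `HTTP_X_FORWARDED_FOR` on its own, so the application's `ActionDispatch::RemoteIp` configuration (custom trusted proxies, the IP spoofing check) no longer influences the reported client IP. If that is intended, state it in the comment above `rails_client_ip`, for example `# Reported next to client_ip for comparison only; client_ip no longer uses it`. Otherwise keep a thin override such as `def client_ip; rails_client_ip || super; end`. `request_id` starts on the last line of the hunk and its body is outside it.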
@@ -46,7 +46,7 @@ module Sqreen
46
46
  if subsection == true
47
47
  return base.merge!(key => full_section(key, framework, rule))
48
48
  end
49
- return base if subsection.size == 0
49
+ return base if subsection.empty?
50
50
  base[key] = fields(key, framework, rule)
51
51
  base
52
52
  end
@@ -54,6 +54,7 @@ module Sqreen
54
54
  FULL_SECTIONS = {
55
55
  'request' => 'request_infos',
56
56
  'params' => 'filtered_request_params',
57
+ 'headers' => 'ip_headers',
57
58
  'local' => 'local_infos',
58
59
  }.freeze
59
60
 
@@ -72,6 +73,7 @@ module Sqreen
72
73
  'rails' => 'rails_params',
73
74
  },
74
75
  'rule' => {},
76
+ 'headers' => {},
75
77
  'context' => {
76
78
  'backtrace' => 'get_current_backtrace',
77
79
  },
@@ -81,12 +83,15 @@ module Sqreen
81
83
  return RuntimeInfos if section == 'local'
82
84
  return rule if section == 'rule'
83
85
  return Context.new if section == 'context'
86
+ return HeaderSection.new(framework) if section == 'headers'
84
87
  framework
85
88
  end
86
89
 
87
90
  def full_section(section, framework, rule)
88
91
  return section_rule(framework, rule) if section == 'rule'
89
92
  return section_context(framework, rule) if section == 'context'
93
+ # fast path prevent initializing a HeaderSection
94
+ return framework.ip_headers if section == 'headers'
90
95
  so = section_object(section, framework, rule)
91
96
  so.send(FULL_SECTIONS[section])
92
97
  end
@@ -128,5 +133,27 @@ module Sqreen
128
133
  'test' => rule['test'],
129
134
  }
130
135
  end
136
+
137
+ # object that default to call on framework header
138
+ class HeaderSection
139
+ def initialize(framework)
140
+ @framework = framework
141
+ end
142
+
143
+ def [](value)
144
+ if %w(rack_client_ip rails_client_ip ip_headers).include?(value)
145
+ return @framework.send(value)
146
+ end
147
+ @framework.header(value)
148
+ end
149
+
150
+ def ip_headers
151
+ @framework.ip_headers
152
+ end
153
+ end
154
+
155
+ def section_headers(framework)
156
+ HeaderSection.new(framework)
157
+ end
131
158
  end
132
159
  end
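Review bot: `HeaderSection#[]` falls through to `@framework.header(value)`, which in the earlier hunk returns `req.env[name]` for any key, so whoever supplies the field names can pull any Rack env entry into the reported payload, including `HTTP_COOKIE` and `HTTP_AUTHORIZATION`. If those names come from a remotely delivered rules pack (not visible here), restrict the lookup to an allowlist or at least refuse credential-bearing keys, e.g. `return nil if %w(HTTP_COOKIE HTTP_AUTHORIZATION).include?(value)`. The allowlist in front of `send` is the right shape and should stay. `section_headers` looks unused in the visible hunks, since `section_object` and `full_section` both bypass it.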
@@ -90,6 +90,11 @@ module Sqreen
90
90
  rescue => e
91
91
  Sqreen.log.debug("No framework client_ip #{e}")
92
92
  end
93
+ begin
94
+ payload['headers'] = framework.ip_headers
95
+ rescue => e
96
+ Sqreen.log.debug("No framework ip_headers #{e}")
97
+ end
93
98
  RemoteException.record(payload)
94
99
  end
95
100
  end
@@ -2,5 +2,5 @@
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
  # Warning This file is auto generated! DO NOT edit.
4
4
  module Sqreen
5
- VERSION = "1.1.01481108064".freeze
5
+ VERSION = "1.1.11481117869".freeze
6
6
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.01481108064
4
+ version: 1.1.11481117869
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen