sqreen 1.13.2-java → 1.13.4-java
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2d9abe0c770383b57205c2eb661c33ed286ed18a
|
|
4
|
+
data.tar.gz: d802f183cc3fe90149eb1e1ccce5faba70be653d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c4f72bc138efcde980f98924266e8dd861a46aadf2221a0e17a8520c6066bfa921c8cfdf5407143b8c8a20fa0340ced7dd02a784ea62fc86fd3079902b9de909
|
|
7
|
+
data.tar.gz: cbb3d0a5123068c0e23739d4261b731917d4ce77c9c8ceac854610b9df39b994bfe69ca23a23148a2346f7644fa4452cea468ae8737d1ff27213afe991f625bd
|
data/lib/sqreen/configuration.rb
CHANGED
|
@@ -52,8 +52,14 @@ module Sqreen
|
|
|
52
52
|
else
|
|
53
53
|
res[:request] = {}
|
|
54
54
|
end
|
|
55
|
+
|
|
55
56
|
res[:request][:parameters] = payload['params'] if payload['params']
|
|
56
57
|
res[:request][:headers] = payload['headers'] if payload['headers']
|
|
58
|
+
|
|
59
|
+
if Sqreen.config_get(:strip_sensitive_data)
|
|
60
|
+
res[:request] = SensitiveDataRedactor.redact(res[:request])
|
|
61
|
+
end
|
|
62
|
+
|
|
57
63
|
res
|
|
58
64
|
end
|
|
59
65
|
|
|
@@ -96,4 +102,31 @@ module Sqreen
|
|
|
96
102
|
nil
|
|
97
103
|
end
|
|
98
104
|
end
|
|
105
|
+
|
|
106
|
+
# For redacting sensitive data and avoid having it sent to our servers
|
|
107
|
+
class SensitiveDataRedactor
|
|
108
|
+
SENSITIVE_KEYS = Set.new(%w[password secret passwd authorization api_key apikey access_token]).freeze
|
|
109
|
+
MASK = '<Redacted by Sqreen>'.freeze
|
|
110
|
+
REGEX = /\A(?:\d[ -]*?){13,16}\z/
|
|
111
|
+
|
|
112
|
+
def self.redact(obj)
|
|
113
|
+
case obj
|
|
114
|
+
when String
|
|
115
|
+
return MASK if obj =~ REGEX
|
|
116
|
+
|
|
117
|
+
when Array
|
|
118
|
+
return obj.map(&method(:redact))
|
|
119
|
+
|
|
120
|
+
when Hash
|
|
121
|
+
return Hash[
|
|
122
|
+
obj.map do |k, v|
|
|
123
|
+
ck = k.is_a?(String) ? k.downcase : k
|
|
124
|
+
[k, SENSITIVE_KEYS.include?(ck) ? MASK : redact(v)]
|
|
125
|
+
end
|
|
126
|
+
]
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
obj
|
|
130
|
+
end
|
|
131
|
+
end
|
|
99
132
|
end
|
|
@@ -393,6 +393,7 @@ module Sqreen
|
|
|
393
393
|
each_key_value_for_hash(p) do |value|
|
|
394
394
|
next unless value.is_a?(String)
|
|
395
395
|
next if value.size < 5
|
|
396
|
+
value = value.force_encoding(Encoding::ISO_8859_1).encode(Encoding::UTF_8) unless value.valid_encoding?
|
|
396
397
|
next if regexp && !regexp.match?(value)
|
|
397
398
|
parm << value
|
|
398
399
|
end
|
|
@@ -410,6 +411,7 @@ module Sqreen
|
|
|
410
411
|
each_key_value_for_hash(p) do |value|
|
|
411
412
|
next unless value.is_a?(String)
|
|
412
413
|
next if value.size < 5
|
|
414
|
+
value = value.force_encoding(Encoding::ISO_8859_1).encode(Encoding::UTF_8) unless value.valid_encoding?
|
|
413
415
|
next if regexp && !regexp.match(value)
|
|
414
416
|
parm << value
|
|
415
417
|
end
|
|
@@ -140,7 +140,8 @@ module Sqreen
|
|
|
140
140
|
tag = ret
|
|
141
141
|
if tag.value[:escape_html] == false &&
|
|
142
142
|
tag.value[:value].respond_to?(:include?) &&
|
|
143
|
-
!tag.value[:value].include?('html_escape')
|
|
143
|
+
!tag.value[:value].include?('html_escape') &&
|
|
144
|
+
tag.value[:parse] == true
|
|
144
145
|
tag.value[:value] = "Sqreen.escape_haml((#{tag.value[:value]}))"
|
|
145
146
|
return { :status => :override, :new_return_value => tag }
|
|
146
147
|
end
|
data/lib/sqreen/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sqreen
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.13.
|
|
4
|
+
version: 1.13.4
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Sqreen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-08-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|