sqreen 1.19.1-java → 1.19.2-java

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 45c1eba91e744d72930e245aecd85bb63289a7dcdec9da50ade62f89ea747672
4
- data.tar.gz: 4b524d0c1a186e657fee98761faebf7934bb12596aad9e91e398b910732a92fc
3
+ metadata.gz: a53d1102a76d7218c37306492482b71b5639ee519d085c3fd6aa219bbc3d1b93
4
+ data.tar.gz: cd477f8dbb86292c8c7bfec97b8a658927ded45f594f718250eb6848ba81d731
5
5
  SHA512:
6
- metadata.gz: c065d7d1acd87bdbefff597b5b37624ec6c34d7067f87b63c3cf5d6ce5e0e3bc6a61ed714c9a6885eef9b4637915b401675361a292c85b42627e2e0fc8b1bbf8
7
- data.tar.gz: 9f78ce57412a1745739353c82b341dcb9081fd7bb3f345f13b452ea03e2a0e1a85186afef4ec42a431543a610ad08a67dcb7b62ef8819a3b2248d862f6e49984
6
+ metadata.gz: b306a201d11156c4e9213a7f0ffa218597c1e59e520b6575476d7e151813364f782f659e7955844023eb3e880d5024058f0ea7eb509b239a93eedda856c3901d
7
+ data.tar.gz: e3c458d1d3625d9d78ff1e1599a1d47297629633537319360da003c61c9d44e4b7832ed828b5adcd15be619b3518eafe061b0fdfa62fc14103f73c49317fc452
@@ -1,3 +1,8 @@
1
+ ## 1.19.2
2
+
3
+ * Handle unexpected rule callback return values more gracefully
4
+ * Fix incorrect return value for 404 native callback
5
+
1
6
  ## 1.19.1
2
7
 
3
8
  * Fix LocalJumpError when reaching a Rack app nested in a Rails app
@@ -24,6 +24,8 @@ module Sqreen
24
24
  exception = env['action_dispatch.exception']
25
25
 
26
26
  record_from_env(ua, script_name, path_info, verb, override, host, exception)
27
+
28
+ nil
27
29
  end
28
30
 
29
31
  def record_from_env(ua, script_name, path_info, verb, override, host, exception)
@@ -4,5 +4,5 @@
4
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
5
5
 
6
6
  module Sqreen
7
- VERSION = '1.19.1'.freeze
7
+ VERSION = '1.19.2'.freeze
8
8
  end
@@ -296,7 +296,7 @@ class Sqreen::Weave::Legacy::Instrumentation
296
296
  when :raise, 'raise'
297
297
  throw(b, b.raise(ret[:exception])) if ret.key?(:exception)
298
298
  throw(b, b.raise(Sqreen::AttackBlocked.new("Sqreen blocked a security threat (type: #{callback.rule_name}). No action is required.")))
299
- end unless ret.nil?
299
+ end unless ret.nil? || !ret.is_a?(Hash)
300
300
  end
301
301
  end
302
302
 
@@ -328,7 +328,7 @@ class Sqreen::Weave::Legacy::Instrumentation
328
328
  when :raise, 'raise'
329
329
  throw(b, b.raise(ret[:exception])) if ret.key?(:exception)
330
330
  throw(b, b.raise(Sqreen::AttackBlocked.new("Sqreen blocked a security threat (type: #{callback.rule_name}). No action is required.")))
331
- end unless ret.nil?
331
+ end unless ret.nil? || !ret.is_a?(Hash)
332
332
  end
333
333
  end
334
334
 
@@ -354,7 +354,7 @@ class Sqreen::Weave::Legacy::Instrumentation
354
354
  end
355
355
  Sqreen::Weave.logger.debug { "#{rule} klass=#{callback.klass} method=#{callback.method} when=#failing instance=#{i} => return=#{ret.inspect}" }
356
356
 
357
- raise e if ret.nil?
357
+ throw(b, b.raise(e)) if ret.nil? || !ret.is_a?(Hash)
358
358
 
359
359
  case ret[:status]
360
360
  when :override, 'override'
@@ -368,7 +368,7 @@ class Sqreen::Weave::Legacy::Instrumentation
368
368
  throw(b, b.raise(e))
369
369
  else
370
370
  throw(b, b.raise(e))
371
- end unless ret.nil?
371
+ end unless ret.nil? || !ret.is_a?(Hash)
372
372
  end
373
373
  end
374
374
  end.install
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.19.1
4
+ version: 1.19.2
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-01 00:00:00.000000000 Z
11
+ date: 2020-06-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement