sqreen 1.9.2 → 1.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/sqreen-alt.rb +1 -0
- data/lib/sqreen/rules_callbacks/execjs.rb +23 -4
- data/lib/sqreen/shared_storage.rb +5 -6
- data/lib/sqreen/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: db75e03bbaf0ff955d869f7e5fea1dd06d911ef363fe85b875befbabc147c948
|
4
|
+
data.tar.gz: 118223689c18fa3627f901b857c67c0309d6f17a5b4eeffdf631da37d801bebf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cba1b32cb6753e60442e7f17a3b4e8267f978e37552303dec79cb92e429958b3815d9f7c18bda5dd72b4db7bca923ab6e6cafb062fb1194b952bfee977585c7a
|
7
|
+
data.tar.gz: 6c73b78873835a36ba2b69ef8ac01b06927b138622a9c082690fa45d65c06d5a65f5234da28d6b9928850d107d269428742406b1cd05534ee1bdcec742773d35
|
data/lib/sqreen-alt.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "sqreen"
|
@@ -3,8 +3,15 @@
|
|
3
3
|
|
4
4
|
if defined?(::JRUBY_VERSION)
|
5
5
|
require 'rhino'
|
6
|
+
SQREEN_V8_THREAD = false
|
6
7
|
else
|
7
|
-
|
8
|
+
begin
|
9
|
+
require 'mini_racer'
|
10
|
+
SQREEN_V8_THREAD = true
|
11
|
+
rescue LoadError
|
12
|
+
require 'therubyracer'
|
13
|
+
SQREEN_V8_THREAD = false
|
14
|
+
end
|
8
15
|
end
|
9
16
|
|
10
17
|
require 'execjs'
|
@@ -32,7 +39,9 @@ module Sqreen
|
|
32
39
|
end
|
33
40
|
|
34
41
|
build_runnable(callbacks)
|
35
|
-
|
42
|
+
if !SQREEN_V8_THREAD
|
43
|
+
@compiled = ExecJS.compile(@source)
|
44
|
+
end
|
36
45
|
@restrict_max_depth = 20
|
37
46
|
end
|
38
47
|
|
@@ -122,7 +131,10 @@ module Sqreen
|
|
122
131
|
end)] = ret[k] end
|
123
132
|
record_event(ret[:record]) unless ret[:record].nil?
|
124
133
|
unless ret['observations'].nil?
|
125
|
-
ret['observations'].each
|
134
|
+
ret['observations'].each do |obs|
|
135
|
+
obs[3] = Time.parse(obs[3]) if obs.size >= 3 && obs[3].is_a?(String)
|
136
|
+
record_observation(*obs)
|
137
|
+
end
|
126
138
|
end
|
127
139
|
return !ret[:call].nil?
|
128
140
|
else
|
@@ -131,6 +143,9 @@ module Sqreen
|
|
131
143
|
end
|
132
144
|
|
133
145
|
def call_callback(name, inst, args, rv = nil)
|
146
|
+
if SQREEN_V8_THREAD
|
147
|
+
Thread.current["SQREEN_EXECJS_SOURCE#{self.object_id}"] ||= ExecJS.compile(@source)
|
148
|
+
end
|
134
149
|
ret = nil
|
135
150
|
args_override = nil
|
136
151
|
arguments = nil
|
@@ -140,7 +155,11 @@ module Sqreen
|
|
140
155
|
end
|
141
156
|
arguments = restrict(name, arguments) if @conditions.key?(name)
|
142
157
|
Sqreen.log.debug { [name, arguments].inspect }
|
143
|
-
|
158
|
+
if SQREEN_V8_THREAD
|
159
|
+
ret = Thread.current["SQREEN_EXECJS_SOURCE#{self.object_id}"].call(name, *arguments)
|
160
|
+
else
|
161
|
+
ret = @compiled.call(name, *arguments)
|
162
|
+
end
|
144
163
|
unless record_and_continue?(ret)
|
145
164
|
return nil if ret.nil?
|
146
165
|
return advise_action(ret[:status], ret)
|
@@ -3,22 +3,21 @@
|
|
3
3
|
|
4
4
|
module Sqreen
|
5
5
|
module SharedStorage
|
6
|
-
@@shared = {}
|
7
6
|
|
8
7
|
def self::get(key, default = nil)
|
9
|
-
h =
|
8
|
+
h = Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"]
|
10
9
|
return h.fetch(key, default) if h
|
11
10
|
default
|
12
11
|
end
|
13
12
|
|
14
13
|
def self::set(key, obj)
|
15
|
-
|
16
|
-
|
17
|
-
@@shared[main_key][key] = obj
|
14
|
+
Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"] ||= {}
|
15
|
+
Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"][key] = obj
|
18
16
|
end
|
19
17
|
|
20
18
|
def self.clear
|
21
|
-
|
19
|
+
return unless Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"].is_a?(Hash)
|
20
|
+
Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"].clear
|
22
21
|
end
|
23
22
|
|
24
23
|
def self.inc(value)
|
data/lib/sqreen/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sqreen
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.10.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sqreen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-02-
|
11
|
+
date: 2018-02-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: execjs
|
@@ -48,6 +48,7 @@ files:
|
|
48
48
|
- CODE_OF_CONDUCT.md
|
49
49
|
- README.md
|
50
50
|
- Rakefile
|
51
|
+
- lib/sqreen-alt.rb
|
51
52
|
- lib/sqreen.rb
|
52
53
|
- lib/sqreen/attack_detected.html
|
53
54
|
- lib/sqreen/binding_accessor.rb
|
@@ -140,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
140
141
|
version: '0'
|
141
142
|
requirements: []
|
142
143
|
rubyforge_project:
|
143
|
-
rubygems_version: 2.
|
144
|
+
rubygems_version: 2.7.5
|
144
145
|
signing_key:
|
145
146
|
specification_version: 4
|
146
147
|
summary: Sqreen Ruby agent
|