sqreen 1.9.2-java → 1.10.0-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +5 -5
  2. data/lib/sqreen-alt.rb +1 -0
  3. data/lib/sqreen/rules_callbacks/execjs.rb +23 -4
  4. data/lib/sqreen/shared_storage.rb +5 -6
  5. data/lib/sqreen/version.rb +1 -1
  6. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: ad04bee0a61218373cab51d02d3690ddd5f19021
4
- data.tar.gz: f4921ac550a7801022795f66f959a2e5e1ebd8e4
2
+ SHA256:
3
+ metadata.gz: 9ddf2c0f35a8ee5a30253430edb9a7ba8316870018c306273c5beb2a7d802777
4
+ data.tar.gz: b1b64ccd659f142389934d2a2ec6e30bedffd95f83f2f96a30333979cc8cd80d
5
5
  SHA512:
6
- metadata.gz: 4ed1ca9938ab9bcb1b6277641ac1470270f3c9bd350a32e5f58eb9ca9bf7fb42c1a6951fd7cc1f5d97ea40a6cd79aa76e970f1b166823bc15610b9eafb940de7
7
- data.tar.gz: aacc4964978719bf65037639a063a9c8a5d00eaad956fb81c1f9f579e997f38b5fb7f064a1bbd460a9748471ec0db62be5d350c45d34c355ffd7480639f0b3cd
6
+ metadata.gz: 74bc35df0b7114e50d4c618787553e916130ee69870c35ace9b881ffefa360866f075071c802952d18483696ec6fab20c3830cfd65a45365eb51e9f15ee66250
7
+ data.tar.gz: 5d2842f3376b7b9951cb366a763c4b3ab5a5854b100b7db477d9c137d5f8552c76da47b1395d1c10e07bb5be1b409fec1b6bff4ea90033fa1b559befe7d10728
data/lib/sqreen-alt.rb ADDED
@@ -0,0 +1 @@
1
+ require "sqreen"
data/lib/sqreen/rules_callbacks/execjs.rb CHANGED
@@ -3,8 +3,15 @@
3
3
 
4
4
  if defined?(::JRUBY_VERSION)
5
5
  require 'rhino'
6
+ SQREEN_V8_THREAD = false
6
7
  else
7
- require 'therubyracer'
8
+ begin
9
+ require 'mini_racer'
10
+ SQREEN_V8_THREAD = true
11
+ rescue LoadError
12
+ require 'therubyracer'
13
+ SQREEN_V8_THREAD = false
14
+ end
8
15
  end
9
16
 
10
17
  require 'execjs'
@@ -32,7 +39,9 @@ module Sqreen
32
39
  end
33
40
 
34
41
  build_runnable(callbacks)
35
- @compiled = ExecJS.compile(@source)
42
+ if !SQREEN_V8_THREAD
43
+ @compiled = ExecJS.compile(@source)
44
+ end
36
45
  @restrict_max_depth = 20
37
46
  end
38
47
 
@@ -122,7 +131,10 @@ module Sqreen
122
131
  end)] = ret[k] end
123
132
  record_event(ret[:record]) unless ret[:record].nil?
124
133
  unless ret['observations'].nil?
125
- ret['observations'].each { |obs| record_observation(*obs) }
134
+ ret['observations'].each do |obs|
135
+ obs[3] = Time.parse(obs[3]) if obs.size >= 3 && obs[3].is_a?(String)
136
+ record_observation(*obs)
137
+ end
126
138
  end
127
139
  return !ret[:call].nil?
128
140
  else
@@ -131,6 +143,9 @@ module Sqreen
131
143
  end
132
144
 
133
145
  def call_callback(name, inst, args, rv = nil)
146
+ if SQREEN_V8_THREAD
147
+ Thread.current["SQREEN_EXECJS_SOURCE#{self.object_id}"] ||= ExecJS.compile(@source)
148
+ end
134
149
  ret = nil
135
150
  args_override = nil
136
151
  arguments = nil
@@ -140,7 +155,11 @@ module Sqreen
140
155
  end
141
156
  arguments = restrict(name, arguments) if @conditions.key?(name)
142
157
  Sqreen.log.debug { [name, arguments].inspect }
143
- ret = @compiled.call(name, *arguments)
158
+ if SQREEN_V8_THREAD
159
+ ret = Thread.current["SQREEN_EXECJS_SOURCE#{self.object_id}"].call(name, *arguments)
160
+ else
161
+ ret = @compiled.call(name, *arguments)
162
+ end
144
163
  unless record_and_continue?(ret)
145
164
  return nil if ret.nil?
146
165
  return advise_action(ret[:status], ret)
data/lib/sqreen/shared_storage.rb CHANGED
@@ -3,22 +3,21 @@
3
3
 
4
4
  module Sqreen
5
5
  module SharedStorage
6
- @@shared = {}
7
6
 
8
7
  def self::get(key, default = nil)
9
- h = @@shared[Thread.current]
8
+ h = Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"]
10
9
  return h.fetch(key, default) if h
11
10
  default
12
11
  end
13
12
 
14
13
  def self::set(key, obj)
15
- main_key = Thread.current
16
- @@shared[main_key] = {} unless @@shared.key? main_key
17
- @@shared[main_key][key] = obj
14
+ Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"] ||= {}
15
+ Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"][key] = obj
18
16
  end
19
17
 
20
18
  def self.clear
21
- @@shared.delete(Thread.current)
19
+ return unless Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"].is_a?(Hash)
20
+ Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"].clear
22
21
  end
23
22
 
24
23
  def self.inc(value)
data/lib/sqreen/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
  module Sqreen
4
- VERSION = '1.9.2'.freeze
4
+ VERSION = '1.10.0'.freeze
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.2
4
+ version: 1.10.0
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-06 00:00:00.000000000 Z
11
+ date: 2018-02-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: execjs
@@ -47,6 +47,7 @@ files:
47
47
  - CODE_OF_CONDUCT.md
48
48
  - README.md
49
49
  - Rakefile
50
+ - lib/sqreen-alt.rb
50
51
  - lib/sqreen.rb
51
52
  - lib/sqreen/attack_detected.html
52
53
  - lib/sqreen/binding_accessor.rb
@@ -139,7 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
139
140
  version: '0'
140
141
  requirements: []
141
142
  rubyforge_project:
142
- rubygems_version: 2.6.12
143
+ rubygems_version: 2.7.5
143
144
  signing_key:
144
145
  specification_version: 4
145
146
  summary: Sqreen Ruby agent