sqreen 1.14.0.beta3 → 1.14.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/sqreen/actions.rb +4 -2
- data/lib/sqreen/exception.rb +8 -1
- data/lib/sqreen/frameworks/generic.rb +12 -0
- data/lib/sqreen/frameworks/rails.rb +1 -0
- data/lib/sqreen/frameworks/sinatra.rb +1 -0
- data/lib/sqreen/js/mini_racer_adapter.rb +6 -2
- data/lib/sqreen/runner.rb +3 -0
- data/lib/sqreen/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f6b572a1d9fe1440b268e4edcdcaab29a177edb3d7d6f915b100d57f77219ad5
|
|
4
|
+
data.tar.gz: b05840f3d4cbc358d089b50299ccfdc7da0947a52f2603e34d572a97acb1c946
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: be7806a0578560be5926fa04bb3201440072237ce377f4aba73fe4a3b763b2bcf75d585fff195238e8acad6986ef1112635837d1d40d800ad4a6a5df002edb13
|
|
7
|
+
data.tar.gz: b5d2cf720663a12d7add7b1f5f3ccf23bea712403898b97e10c45e741a1883fd9025b605f3ed2d02fd08f172ef2948b86f15e3e4defc2df6c2f3140e76d1d8da
|
data/lib/sqreen/actions.rb
CHANGED
|
@@ -177,7 +177,8 @@ module Sqreen
|
|
|
177
177
|
|
|
178
178
|
def do_run(client_ip)
|
|
179
179
|
return nil unless matches_ip? client_ip
|
|
180
|
-
e = Sqreen::AttackBlocked.new("Blocked client's IP
|
|
180
|
+
e = Sqreen::AttackBlocked.new("Blocked client's IP #{client_ip} " \
|
|
181
|
+
"(action: #{id} covering range(s) #{ranges}). No action is required")
|
|
181
182
|
{ :status => :raise, :exception => e }
|
|
182
183
|
end
|
|
183
184
|
|
|
@@ -203,7 +204,8 @@ module Sqreen
|
|
|
203
204
|
|
|
204
205
|
def do_run(client_ip)
|
|
205
206
|
return nil unless matches_ip? client_ip
|
|
206
|
-
Sqreen.log.info "Will request redirect for client with IP #{client_ip}
|
|
207
|
+
Sqreen.log.info "Will request redirect for client with IP #{client_ip} " \
|
|
208
|
+
"(action: #{id} covering range(s) #{ranges})."
|
|
207
209
|
{
|
|
208
210
|
:status => :skip,
|
|
209
211
|
:new_return_value => [303, { 'Location' => @redirect_url }, ['']],
|
data/lib/sqreen/exception.rb
CHANGED
|
@@ -8,7 +8,11 @@ module Sqreen
|
|
|
8
8
|
class Exception < ::StandardError
|
|
9
9
|
def initialize(msg = nil, *args)
|
|
10
10
|
super(msg, *args)
|
|
11
|
-
|
|
11
|
+
log_message msg if msg
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def log_message(msg)
|
|
15
|
+
Sqreen.log.error(msg)
|
|
12
16
|
end
|
|
13
17
|
end
|
|
14
18
|
|
|
@@ -24,6 +28,9 @@ module Sqreen
|
|
|
24
28
|
# Sqreen users when watching their logs. It should not raise any concern to
|
|
25
29
|
# them.
|
|
26
30
|
class AttackBlocked < Exception
|
|
31
|
+
def log_message(msg)
|
|
32
|
+
Sqreen.log.warn(msg)
|
|
33
|
+
end
|
|
27
34
|
end
|
|
28
35
|
|
|
29
36
|
class NotImplementedYet < Exception
|
|
@@ -519,6 +519,18 @@ module Sqreen
|
|
|
519
519
|
Sqreen.log.warn "Failed ignoring AttackBlocked on NewRelic: #{e.inspect}"
|
|
520
520
|
end
|
|
521
521
|
|
|
522
|
+
def worker_fork_detection
|
|
523
|
+
# only Puma currently supported
|
|
524
|
+
return unless defined?(Puma::Cluster) && Puma::Cluster.instance_methods.include?(:worker)
|
|
525
|
+
cur_worker_meth = Puma::Cluster.instance_method(:worker)
|
|
526
|
+
Puma::Cluster.class_eval do
|
|
527
|
+
define_method(:worker) do |*args|
|
|
528
|
+
Sqreen.on_forked_worker = true
|
|
529
|
+
cur_worker_meth.bind(self)[*args]
|
|
530
|
+
end
|
|
531
|
+
end
|
|
532
|
+
end
|
|
533
|
+
|
|
522
534
|
private
|
|
523
535
|
|
|
524
536
|
def split_ip_addresses(ip_addresses)
|
|
@@ -34,9 +34,9 @@ module Sqreen
|
|
|
34
34
|
@module = vendored ? Sqreen::MiniRacer : MiniRacer
|
|
35
35
|
@source = source
|
|
36
36
|
@recycle_runtime_every = GC_MINI_RACER
|
|
37
|
-
@snapshot = @module::Snapshot.new(source)
|
|
38
37
|
@runtimes = []
|
|
39
38
|
@tl_key = "SQREEN_MINI_RACER_CONTEXT_#{object_id}".freeze
|
|
39
|
+
snapshot if Sqreen.on_forked_worker? # called to eagerly initialize snapshot
|
|
40
40
|
unless @@ctx_defined
|
|
41
41
|
self.class.define_sqreen_context(@module)
|
|
42
42
|
@@ctx_defined = true
|
|
@@ -52,7 +52,7 @@ module Sqreen
|
|
|
52
52
|
dead_runtime = true
|
|
53
53
|
end
|
|
54
54
|
if dead_runtime
|
|
55
|
-
new_runtime = SqreenContext.new(:snapshot =>
|
|
55
|
+
new_runtime = SqreenContext.new(:snapshot => snapshot)
|
|
56
56
|
push_runtime new_runtime
|
|
57
57
|
mini_racer_context = {
|
|
58
58
|
:c => 0,
|
|
@@ -72,6 +72,10 @@ module Sqreen
|
|
|
72
72
|
|
|
73
73
|
private
|
|
74
74
|
|
|
75
|
+
def snapshot
|
|
76
|
+
@snapshot ||= @module::Snapshot.new(@source)
|
|
77
|
+
end
|
|
78
|
+
|
|
75
79
|
def push_runtime(runtime)
|
|
76
80
|
@runtimes.delete_if do |th, runt, _thid|
|
|
77
81
|
del = th.nil? || !th.weakref_alive? || !th.alive?
|
data/lib/sqreen/runner.rb
CHANGED
|
@@ -60,6 +60,9 @@ module Sqreen
|
|
|
60
60
|
attr_accessor :logged_in
|
|
61
61
|
alias logged_in? logged_in
|
|
62
62
|
|
|
63
|
+
attr_accessor :on_forked_worker
|
|
64
|
+
alias on_forked_worker? on_forked_worker
|
|
65
|
+
|
|
63
66
|
attr_reader :whitelisted_paths
|
|
64
67
|
def update_whitelisted_paths(paths)
|
|
65
68
|
@whitelisted_paths = paths.freeze
|
data/lib/sqreen/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sqreen
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.14.0
|
|
4
|
+
version: 1.14.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sqreen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-09-
|
|
11
|
+
date: 2018-09-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: sq_mini_racer
|
|
@@ -132,9 +132,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
132
132
|
version: '0'
|
|
133
133
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
134
134
|
requirements:
|
|
135
|
-
- - "
|
|
135
|
+
- - ">="
|
|
136
136
|
- !ruby/object:Gem::Version
|
|
137
|
-
version:
|
|
137
|
+
version: '0'
|
|
138
138
|
requirements: []
|
|
139
139
|
rubyforge_project:
|
|
140
140
|
rubygems_version: 2.7.7
|