sqreen 1.18.0-java → 1.18.1-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 922051da24f2022f3a83abf7f948dc5736755b1470e3c07e51ea620b4ad79d38
-  data.tar.gz: 286a940f0c898061965af56bc612cff127123743c81f29460bdb50b74f336cac
+  metadata.gz: 61098cd896356da56ff7a321f2c43f694686f7b2ab8d9e48a2b249351b095af5
+  data.tar.gz: '05975ea91615b5cc62b80c750b02fa3773b5262f7e759063346b6b4f93934319'
 SHA512:
-  metadata.gz: 366be041f989a6668942f1e7f41be437572a9b128ff8622f916b5482aaf21b5f45f0ecdd7df11c44f1fa69b4823abc518e8c200fcc6b421d394f98e2b942c426
-  data.tar.gz: aec4842b37b82db5d7603a225fd1b14ece321793cf5d0f9e52f96be4acfc335427ea8056144bd3a8f0bfe960a8709b990e407c6329f746fe7a3aa03ebc30957e
+  metadata.gz: da30cff65326a7371fc5f3fd09253315f07516ba3fe29db4714a29131755581b2e5a661b534aad64823b8ff714dac37ac07483aea9aef2f930fc55958bb1717a
+  data.tar.gz: 7a36d82da8dfd18a66b0b354748a55fa6b6531f081f432a287bb813f307564db1c8275ac13404a09cd88b51c5f9b6803b8b31ea309cd7fb07ba95e9854c356ce

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 1.18.1
+
+* Improve handling of scoped IPv6 addresses
+* Remove spurious warning on Rails 6
+* Add missing WAF constant check
+
 ## 1.18.0
 
 * Support In-App WAF

data/lib/sqreen/actions.rb

@@ -169,7 +169,7 @@ module Sqreen
       end
 
       def matching_actions(client_ip)
-        parsed_ip = IPAddr.new(client_ip)
+        parsed_ip = IPAddr.new(client_ip.gsub(/%[^%\/]+/, ''))
         trie = parsed_ip.family == Socket::AF_INET6 ? @trie_v6 : @trie_v4
         return [] unless trie
         found = trie.search_matching(parsed_ip.to_i, parsed_ip.family)

data/lib/sqreen/dependency/rails.rb

@@ -15,6 +15,8 @@ module Sqreen
       end
 
       def inspect_middlewares
+        return unless ::Rails.application.middleware.respond_to?(:map)
+
         Sqreen.log.debug { "Middlewares: " << ::Rails.application.middleware.map(&:inspect).inspect }
       end
 

data/lib/sqreen/frameworks.rb

@@ -13,7 +13,7 @@ module Sqreen
     klass = case
             when defined?(::Rails) && defined?(::Rails::VERSION)
               case Rails::VERSION::MAJOR.to_i
-              when 4, 5
+              when 4, 5, 6
                 require 'sqreen/frameworks/rails'
                 Sqreen::Frameworks::RailsFramework
               when 3

data/lib/sqreen/rules_callbacks/waf.rb

@@ -22,13 +22,17 @@ module Sqreen
         @libsqreen
       end
 
+      def self.waf?
+        Sqreen::Dependency.const_exist?('LibSqreen::WAF')
+      end
+
       attr_reader :binding_accessors, :budget, :waf_rule_name
 
       def initialize(*args)
         super(*args)
         @overtimeable = false
 
-        unless WAFCB.libsqreen?
+        unless WAFCB.libsqreen? && WAFCB.waf?
           Sqreen.log.warn('libsqreen gem not found')
           return
         end
@@ -57,10 +61,7 @@ module Sqreen
       end
 
       def pre(instance, args, _budget)
-        unless WAFCB.libsqreen?
-          Sqreen.log.warn('libsqreen not required')
-          return
-        end
+        return unless WAFCB.libsqreen? && WAFCB.waf?
 
         request = framework.request
         return if !waf_rule_name || !request

data/lib/sqreen/version.rb

@@ -1,5 +1,5 @@
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 module Sqreen
-  VERSION = '1.18.0'.freeze
+  VERSION = '1.18.1'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.18.0
+  version: 1.18.1
 platform: java
 authors:
 - Sqreen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-15 00:00:00.000000000 Z
+date: 2019-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement