tcell_agent 0.2.27 → 0.2.28

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6e93674e3ce539710e90605fc2655eff1d988017
-  data.tar.gz: 482dd34778a453b1a63c6e0bc7976b1c893bb9af
+  metadata.gz: 181cef7acfc3208cd9d1af45984aa9d23e0b1e0e
+  data.tar.gz: 78925684e4816c2ff9c1851581ed3e7eeedab2d7
 SHA512:
-  metadata.gz: 6432e1455a95c5c28c62c7ff85f367316f4ad78d58fc5ffdb03b83b9fb9ffbb21137fd9c9d34423a01ffd00ad10f18d9a19cd9dc93f5ab20b7cfdc4806eb65fd
-  data.tar.gz: ecac85ac908c46e83a5f850005bef88565955af581512c31ee63e45c1ef3147771780e90fb6db166dbd30fab8c928de0c3086cb8829fd701312c4dbf25f9b064
+  metadata.gz: 59c4b7ab789fd0444906ff922561d7faa60ab7d6c224c292ed84123db5e065ea31786f662a25021b1ba9bd980bb38156072bcc5f15b3eec0f0a1222f8a2d339a
+  data.tar.gz: c4e7c7d069401d297bb0e17d03c3ae998f69149302e65d699cc47c512be8275d421e25c4cc059b815c76c9cb74710f7c075d59ac1f00fb873f2245fc968bf3fc

data/lib/tcell_agent/instrumentation.rb

@@ -109,7 +109,7 @@ module TCellAgent
         end
       end
 
-      def filter_body(body)
+      def filter_body!(body)
         dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
         if dlp_policy and self.session_id
           session_id_actions = dlp_policy.get_actions_for_session_id

data/lib/tcell_agent/policies/appsensor_policy.rb

@@ -99,6 +99,8 @@ module TCellAgent
       end
 
       def check_response_size(appsensor_meta)
+        return unless @enabled
+
         TCellAgent::Instrumentation.safe_block("AppSensor Testing Response Size") do
           if self.options.has_key?("resp_size")
             self.options["resp_size"].check(appsensor_meta)

data/lib/tcell_agent/rails/dlp.rb

@@ -265,42 +265,6 @@ module TCellAgent
   end
 end
 
-module TCellAgent
-  ActiveSupport.on_load(:action_controller) do
-    ActionController::Base.class_eval do
-      if (::Rails::VERSION::MAJOR == 5)
-        around_action :global_request_logging
-      elsif (::Rails::VERSION::MAJOR < 5)
-        around_filter :global_request_logging
-      end
-      def global_request_logging
-        begin
-          yield
-
-          if TCellAgent.configuration.enabled &&
-              TCellAgent.configuration.should_instrument? &&
-              TCellAgent.configuration.should_intercept_requests?
-
-            TCellAgent::Instrumentation.safe_block("Running DLP Logging Filters") {
-              if TCellAgent::Utils::Rails.empty_content?(response.status, response.headers) ||
-                  TCellAgent::Utils::Rails.streaming_response?(response.headers)
-                return
-              end
-
-              tcell_context = request.env[TCellAgent::Instrumentation::TCELL_ID]
-              if tcell_context
-                response.body = tcell_context.filter_body(response.body)
-              end
-            }
-
-          end
-        end
-      end
-    end
-  end
-end
-
-
 class Logger
   alias_method :tcell_old_add, :add
   def add(severity, message = nil, progname = nil, &block)

data/lib/tcell_agent/rails/dlp_handler.rb

@@ -0,0 +1,68 @@
+require 'tcell_agent/instrumentation'
+require 'tcell_agent/rails/responses'
+
+module TCellAgent
+  module Instrumentation
+    module Rails
+      module DLPHandler
+
+        def self.report_and_redact_now(dlp_handler, tcell_context, rack_body, content_length)
+          TCellAgent::Instrumentation.safe_block("Handling DLP Report and Redact Now") do
+            if dlp_handler
+              new_content_length = 0
+              new_body = []
+              rack_body.each { |str|
+                dlp_handler.call(tcell_context, str)
+                new_body << str
+                new_content_length += str.bytesize
+              }
+              rack_body.close if rack_body.respond_to?(:close)
+
+              rack_body = new_body
+              content_length = new_content_length
+            end
+          end
+
+          [rack_body, content_length]
+        end
+
+        def self.handle_dlp!(tcell_context, response)
+          TCellAgent::Instrumentation.safe_block("Running DLP Logging Filters") do
+            tcell_context.filter_body!(response)
+          end
+
+          response
+        end
+
+        def self.get_handler_and_context(request, response_headers)
+          dlp_handler = nil
+          tcell_context = nil
+
+          TCellAgent::Instrumentation.safe_block("DLP Handler get handler and context") do
+            if TCellAgent.configuration.enabled &&
+                TCellAgent.configuration.should_instrument? &&
+                TCellAgent.configuration.should_intercept_requests?
+
+              # do all this work so that dlp doesn't run at all unless it's on and there
+              # are rules to run
+              if TCellAgent::Utils::Rails.processable_response?(response_headers)
+                dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
+                if dlp_policy && dlp_policy.get_actions_for_session_id
+                  tcell_context = request.env[TCellAgent::Instrumentation::TCELL_ID]
+                  if tcell_context && tcell_context.session_id
+                    dlp_handler = Proc.new { |tc, resp|
+                      self.handle_dlp!(tc, resp)
+                    }
+                  end
+                end
+              end
+            end
+          end
+
+          [dlp_handler, tcell_context]
+        end
+
+      end
+    end
+  end
+end

data/lib/tcell_agent/rails/js_agent_insert.rb

@@ -0,0 +1,71 @@
+require 'tcell_agent/instrumentation'
+
+module TCellAgent
+  module Instrumentation
+    module Rails
+      module JSAgent
+
+        HEAD_SEARCH_REGEX=/<head>/
+
+        def self.insert_now(js_agent_handler, script_insert, rack_body, content_length)
+          TCellAgent::Instrumentation.safe_block("Handling JSAgent Insert Now") do
+            if js_agent_handler
+              new_content_length = 0
+              newbody = []
+              rack_body.each { |str|
+                # this modifies str itself
+                js_agent_handler.call(script_insert, str)
+
+                newbody << str
+                new_content_length += str.bytesize
+              }
+              rack_body.close if rack_body.respond_to?(:close)
+
+              rack_body = newbody
+              content_length = new_content_length
+            end
+          end
+
+          [rack_body, content_length]
+        end
+
+        def self.handle_js_agent_insert(script_insert, response)
+          TCellAgent::Instrumentation.safe_block("Handling JSAgent insert") do
+            return !!response.sub!(
+              TCellAgent::Instrumentation::Rails::JSAgent::HEAD_SEARCH_REGEX,
+              "<head>#{script_insert}"
+            )
+          end
+
+          false
+        end
+
+        def self.get_handler_and_script_insert(response_headers)
+          js_agent_handler = nil
+          script_insert = nil
+
+          TCellAgent::Instrumentation.safe_block("JSAgent get handler and script insert") do
+            if (response_headers.fetch("Content-Type","").start_with?'text/html')
+              script_tag_policy = TCellAgent.policy(TCellAgent::PolicyTypes::CSP)
+              if (script_tag_policy && script_tag_policy.js_agent_api_key)
+                base_url_vars = ""
+                if (script_tag_policy.js_agent_api_base_url)
+                  base_url_vars = " tcellbaseurl=\"#{script_tag_policy.js_agent_api_base_url}\""
+                end
+                script_insert = "<script src=\"#{script_tag_policy.js_agent_url}\" "
+                script_insert += "tcellapikey=\"#{script_tag_policy.js_agent_api_key}\" "
+                script_insert += "tcellappid=\"#{script_tag_policy.js_agent_app_id}\"#{base_url_vars}></script>\n"
+                js_agent_handler = Proc.new { |si, resp|
+                  self.handle_js_agent_insert(si, resp)
+                }
+              end
+            end
+          end
+
+          [js_agent_handler, script_insert]
+        end
+
+      end
+    end
+  end
+end

data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb

@@ -18,12 +18,10 @@ module TCellAgent
     module Rails
       module Middleware
         class BodyFilterMiddleware
-          HEAD_SEARCH_REGEX=/<head>/
           def initialize(app)
             @app = app
           end
           def call(env)
-            request = Rack::Request.new(env)
             orig = (Time.now.to_f * 1000).to_i
 
             response = @app.call(env)
@@ -53,39 +51,6 @@ module TCellAgent
                   end
                 end
               }
-              response = self._handle_js_agent_add(request, response)
-            end
-
-            response
-          end
-          def replace_in_body(script_tag_policy, body)
-              base_url_vars = ""
-              if (script_tag_policy.js_agent_api_base_url)
-                base_url_vars = " tcellbaseurl=\"#{script_tag_policy.js_agent_api_base_url}\""
-              end
-              script_insert = "\n<script src=\"#{script_tag_policy.js_agent_url}\" tcellapikey=\"#{script_tag_policy.js_agent_api_key}\" tcellappid=\"#{script_tag_policy.js_agent_app_id}\"#{base_url_vars}></script>\n"
-              body.sub!(BodyFilterMiddleware::HEAD_SEARCH_REGEX,"<head>#{script_insert}")
-          end
-          def _handle_js_agent_add(request, response)
-            TCellAgent::Instrumentation.safe_block("Handling JSAgent add") do
-              status, headers, rack_body = response
-              if TCellAgent::Utils::Rails.empty_content?(status, headers) ||
-                  TCellAgent::Utils::Rails.streaming_response?(headers)
-                return response
-              end
-
-              if (headers.fetch("Content-Type","").start_with?'text/html')
-                  script_tag_policy = TCellAgent.policy(TCellAgent::PolicyTypes::CSP)
-                  if (script_tag_policy &&
-                      script_tag_policy.js_agent_api_key)
-                    newbody = []
-                    rack_body.each { |str|
-                      newbody_part = self.replace_in_body(script_tag_policy, str) || str
-                      newbody << newbody_part
-                    }
-                    response = [status, headers, newbody]
-                  end
-              end
             end
 
             response

data/lib/tcell_agent/rails/middleware/headers_middleware.rb

@@ -14,6 +14,9 @@ require 'cgi'
 
 require 'tcell_agent/instrumentation'
 require 'tcell_agent/rails/responses'
+require 'tcell_agent/rails/js_agent_insert'
+require 'tcell_agent/rails/dlp_handler'
+require 'tcell_agent/rails/tcell_body_proxy'
 
 module TCellAgent
   module Instrumentation
@@ -21,9 +24,6 @@ module TCellAgent
       module Middleware
 
         class HeadersMiddleware
-
-          STATUSES_MISSING_CONTENT_LENGTH = Set.new((100..199).to_a + [204, 205, 304])
-
           def initialize(app)
             @app = app
           end
@@ -37,7 +37,7 @@ module TCellAgent
               TCellAgent::Instrumentation.safe_block("Handling Request") {
                 tcell_response = response
                 unless request.env[TCellAgent::Instrumentation::TCELL_ID].ip_blocking_triggered
-                  tcell_response = self._handle_appsensor(request, tcell_response)
+                  tcell_response = self._handle_appsensor_js_agent_and_dlp(request, tcell_response)
                 end
                 tcell_response = self._handle_redirect(request, tcell_response)
                 tcell_response = self._set_csp_header(request, tcell_response)
@@ -137,37 +137,66 @@ module TCellAgent
             response
           end
 
-          def _handle_appsensor(request, response)
-            TCellAgent::Instrumentation.safe_block("Handling AppSensor") do
+          def _handle_appsensor_js_agent_and_dlp(request, response)
+            TCellAgent::Instrumentation.safe_block("Handling AppSensor, JS Agent, and DLP") do
               status_code, response_headers, response_body = response
 
+              js_agent_handler, script_insert =
+                TCellAgent::Instrumentation::Rails::JSAgent.get_handler_and_script_insert(response_headers)
+              dlp_handler, tcell_context =
+                TCellAgent::Instrumentation::Rails::DLPHandler.get_handler_and_context(request, response_headers)
+
               content_length = 0
-              if response_headers['Content-Length']
-                content_length = response_headers['Content-Length'].to_i
+              set_basic_appsensor_meta = false
 
-              elsif TCellAgent::Utils::Rails.empty_content?(status_code, response_headers) ||
-                  TCellAgent::Utils::Rails.streaming_response?(response_headers)
+              if TCellAgent::Utils::Rails.empty_content?(status_code, response_headers)
                 content_length = 0
 
-              elsif response_body.respond_to?(:to_ary) || response_body.is_a?(Rack::BodyProxy)
-                old_body = response_body
-                response_body, content_length = [], 0
-                old_body.each { |str|
-                  response_body << str
-                  content_length += str.bytesize
-                }
-
-                if old_body.is_a?(Rack::BodyProxy)
-                  response_body = Rack::BodyProxy.new(response_body) do
-                    old_body.close if old_body.respond_to?(:close)
-                  end
+              elsif response_headers['Content-Length']
+                content_length = response_headers['Content-Length'].to_i
+
+                # when content length is present it can be inferred that the
+                # response is not a streaming response, so js agent insertion
+                # and dlp reports and redactions can be done up front
+                response_body, content_length =
+                  TCellAgent::Instrumentation::Rails::JSAgent.insert_now(js_agent_handler,
+                                                                         script_insert,
+                                                                         response_body,
+                                                                         content_length)
+
+                response_body, content_length =
+                  TCellAgent::Instrumentation::Rails::DLPHandler.report_and_redact_now(dlp_handler,
+                                                                                       tcell_context,
+                                                                                       response_body,
+                                                                                       content_length)
+
+
+                response_headers['Content-Length'] = content_length.to_s
+
+              elsif response_body.is_a?(Rack::BodyProxy)
+                response_body = TCellAgent::Instrumentation::Rails::TCellBodyProxy.new(
+                  response_body,
+                  TCellAgent::Utils::Rails.processable_response?(response_headers),
+                  js_agent_handler,
+                  script_insert,
+                  dlp_handler,
+                  tcell_context)
+                set_basic_appsensor_meta = true
+              end
+
+              appsensor_policy = TCellAgent.policy(TCellAgent::PolicyTypes::AppSensor)
+              if appsensor_policy
+                event = TCellAgent::SensorEvents::AppSensorMetaEvent.build(
+                  request, content_length, status_code, response_headers
+                )
+                TCellAgent.send_event(event)
+
+                if set_basic_appsensor_meta
+                  response_body.appsensor_policy = appsensor_policy
+                  response_body.appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.build_basic(event)
                 end
               end
 
-              event = TCellAgent::SensorEvents::AppSensorMetaEvent.build(
-                request, content_length, status_code, response_headers
-              )
-              TCellAgent.send_event(event)
               return [status_code, response_headers, response_body]
             end
 

data/lib/tcell_agent/rails/responses.rb

@@ -9,9 +9,16 @@ module TCellAgent
           (!!headers['Content-Length'] && headers['Content-Length'].to_i == 0)
       end
 
-      def self.streaming_response?(headers)
-        return TCellAgent::Utils::Strings.present?(headers['Transfer-Encoding']) ||
-          TCellAgent::Utils::Strings.present?(headers['Content-Transfer-Encoding'])
+      def self.processable_response?(response_headers)
+        content_disposition = response_headers['Content-Disposition']
+        is_attachment = content_disposition && !!(content_disposition =~ /^attachment/i)
+
+        content_type = response_headers['Content-Type']
+        applicable_content_type = content_type &&
+          (content_type == /application\/json/ ||
+           content_type == /application\/xml/ ||
+           !!(content_type =~ /^text/))
+        return !is_attachment && applicable_content_type
       end
 
     end

data/lib/tcell_agent/rails/tcell_body_proxy.rb

@@ -0,0 +1,94 @@
+require 'tcell_agent/instrumentation'
+
+module TCellAgent
+  module Instrumentation
+    module Rails
+
+      class TCellBodyProxy
+
+        attr_accessor :appsensor_policy, :appsensor_meta
+
+        # for specs
+        attr_accessor :content_length
+
+        def initialize(body,
+                       process_js_and_dlp,
+                       js_agent_insertion_proc,
+                       script_insert,
+                       dlp_cleaner_proc,
+                       tcell_context)
+          @content_length = 0
+          @body = body
+
+          @process_js_and_dlp = process_js_and_dlp
+
+          @js_agent_insertion_proc = js_agent_insertion_proc
+          @script_insert = script_insert
+
+          @dlp_cleaner_proc = dlp_cleaner_proc
+          @tcell_context = tcell_context
+        end
+
+        def close
+          TCellAgent::Instrumentation.safe_block("Handling Response Size Length") do
+            if @content_length > 0 && @appsensor_meta && @appsensor_policy
+              @appsensor_meta.response_content_bytes_len = @content_length
+              @appsensor_policy.check_response_size(@appsensor_meta)
+            end
+          end
+
+          @body.close if @body.respond_to?(:close)
+        end
+
+        def each(&block)
+          return to_enum(:each) unless block_given?
+
+          @body.each { |body_chunk|
+            process_body!(body_chunk)
+
+            yield body_chunk
+          }
+        end
+
+        def respond_to?(method_name, include_all=false)
+          @body.respond_to?(method_name, include_all)
+        end
+
+        def method_missing(method_name, *args, &block)
+          @body.__send__(method_name, *args, &block)
+        end
+
+        def process_body!(body)
+          TCellAgent::Instrumentation.safe_block("Processing tcell body proxy body") do
+            chunked_response_match = nil
+            if body.class.name == "String"
+              if body =~ /^([[:xdigit:]]+)(;.+)?\r\n/
+                chunked_response_match = $1
+                @content_length += chunked_response_match.to_i(16)
+              end
+            end
+
+            if body.class.name == "ActionView::OutputBuffer" ||
+                (body.class.name == "String" && !chunked_response_match)
+              @content_length += body.bytesize
+
+              if @process_js_and_dlp
+                if @js_agent_insertion_proc
+                  if @js_agent_insertion_proc.call(@script_insert, body)
+                    # js agent was successfully inserted so no need to keep
+                    # calling this proc
+                    @js_agent_insertion_proc = nil
+                  end
+                end
+                if @dlp_cleaner_proc
+                  @dlp_cleaner_proc.call(@tcell_context, body)
+                end
+              end
+            end
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb

@@ -59,6 +59,19 @@ module TCellAgent
 
           meta_event
         end
+
+        def build_basic(appsensor_meta)
+          meta_event = AppSensorMetaEvent.new
+          meta_event.location = appsensor_meta.location
+          meta_event.method =appsensor_meta.method
+          meta_event.remote_address = appsensor_meta.remote_address
+          meta_event.route_id = appsensor_meta.route_id
+          meta_event.session_id = appsensor_meta.session_id
+          meta_event.user_id = appsensor_meta.user_id
+          meta_event.route_id = appsensor_meta.route_id
+
+          meta_event
+        end
       end
 
 

data/lib/tcell_agent/version.rb

@@ -1,5 +1,5 @@
 # See the file "LICENSE" for the full license governing this code.
 
 module TCellAgent
-  VERSION = "0.2.27"
+  VERSION = "0.2.28"
 end

data/spec/lib/tcell_agent/instrumentation_spec.rb

@@ -30,7 +30,7 @@ module TCellAgent
 
           body = "this is about tim123123my 3123123."
           TCellAgent.empty_event_queue
-          context.filter_body(body)
+          context.filter_body!(body)
           expect(body).to eq("this is about [redacted] 3123123.")
           expect(TCellAgent.event_queue.length).to eq(1)
           TCellAgent.set_thread_agent(nil)
@@ -55,7 +55,7 @@ module TCellAgent
 
           body = "this is about tim123123my 3123123."
           TCellAgent.empty_event_queue
-          context.filter_body(body)
+          context.filter_body!(body)
           expect(body).to eq("this is about tim123123my 3123123.")
           expect(TCellAgent.event_queue.length).to eq(1)
           TCellAgent.set_thread_agent(nil)
@@ -131,7 +131,7 @@ module TCellAgent
           context.add_response_db_filter(true, action, "don", "sam", "tim", "fred")
           body = "this is about timmy1 3123123."
           TCellAgent.empty_event_queue
-          context.filter_body(body)
+          context.filter_body!(body)
           expect(body).to eq("this is about [redacted] [redacted].")
           expect(TCellAgent.event_queue.length).to eq(2)
         end
@@ -152,7 +152,7 @@ module TCellAgent
           context.add_response_db_filter(true, action, "don", "sam", "tim", "fred")
           body = "this is about timmy1 3123123."
           TCellAgent.empty_event_queue
-          context.filter_body(body)
+          context.filter_body!(body)
           expect(body).to eq("this is about timmy1 3123123.")
           expect(TCellAgent.event_queue.length).to eq(3) # timmy, timmy1, 3123123
         end

data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb

@@ -73,7 +73,7 @@ module TCellAgent
               #  }
               #end
             end
-            tcell_context.filter_body(@body)
+            tcell_context.filter_body!(@body)
             [200, response_headers, [@body]]
           end
 

data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb

@@ -0,0 +1,216 @@
+require 'spec_helper'
+
+module TCellAgent
+  module Instrumentation
+    module Rails
+
+      describe TCellBodyProxy do
+
+        context "#close" do
+          context "missing appsensor policy" do
+            context "zero content length" do
+              it "should not call appsensor policy" do
+                tcell_body_proxy = TCellBodyProxy.new(
+                  Rack::BodyProxy.new(["body"]) { },
+                  true,
+                  nil, nil, nil, nil)
+
+                tcell_body_proxy.content_length = 0
+
+                expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                  "Handling Response Size Length"
+                ).and_call_original
+
+                tcell_body_proxy.close
+              end
+            end
+
+            context "non zerno content length" do
+              it "should not call appsensor policy" do
+                tcell_body_proxy = TCellBodyProxy.new(
+                  Rack::BodyProxy.new(["body"]) { },
+                  true,
+                  nil, nil, nil, nil)
+
+                tcell_body_proxy.content_length = 512
+
+                expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                  "Handling Response Size Length"
+                ).and_call_original
+
+                tcell_body_proxy.close
+              end
+            end
+          end
+
+          context "with appsensor policy" do
+            context "zero content length" do
+              it "should not call appsensor policy" do
+                appsensor_policy = double("appsensor_policy")
+                appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
+
+                tcell_body_proxy = TCellBodyProxy.new(
+                  Rack::BodyProxy.new(["body"]) { },
+                  true,
+                  nil, nil, nil, nil)
+                tcell_body_proxy.appsensor_policy = appsensor_policy
+                tcell_body_proxy.appsensor_meta = appsensor_meta
+
+                tcell_body_proxy.content_length = 0
+
+                expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                  "Handling Response Size Length"
+                ).and_call_original
+                expect(appsensor_policy).to_not receive(:check_response_size)
+
+                tcell_body_proxy.close
+              end
+            end
+
+            context "non zerno content length" do
+              it "should not call appsensor policy" do
+                appsensor_policy = double("appsensor_policy")
+                appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
+
+                tcell_body_proxy = TCellBodyProxy.new(
+                  Rack::BodyProxy.new(["body"]) { },
+                  true,
+                  nil, nil, nil, nil)
+                tcell_body_proxy.appsensor_policy = appsensor_policy
+                tcell_body_proxy.appsensor_meta = appsensor_meta
+
+                tcell_body_proxy.content_length = 512
+
+                expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                  "Handling Response Size Length"
+                ).and_call_original
+                expect(appsensor_policy).to receive(:check_response_size).with(appsensor_meta)
+
+                tcell_body_proxy.close
+
+                expect(appsensor_meta.response_content_bytes_len).to eq(512)
+              end
+            end
+          end
+        end
+
+        context "#each" do
+          context "with no block given" do
+            it "should return an enumerator" do
+              tcell_body_proxy = TCellBodyProxy.new(
+                Rack::BodyProxy.new(["body"]) { },
+                true,
+                nil, nil, nil, nil)
+              expect(tcell_body_proxy.each.class.name).to eq("Enumerator")
+            end
+          end
+
+          context "with a string response" do
+            context "with a chunked response" do
+              it "should only calculate content length" do
+                tcell_body_proxy = TCellBodyProxy.new(
+                  Rack::BodyProxy.new(["2d\r\nsome content\r\n"]) { },
+                  false,
+                  nil, nil, nil, nil)
+
+                expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                  "Processing tcell body proxy body").and_call_original
+
+                tcell_body_proxy.each { |b| }
+
+                expect(tcell_body_proxy.content_length).to eq(45)
+              end
+            end
+
+            context "with a non chunked response" do
+              context "that should not be processed" do
+                it "should only calculate content length" do
+                  tcell_body_proxy = TCellBodyProxy.new(
+                    Rack::BodyProxy.new(["some content"]) { },
+                    false,
+                    nil, nil, nil, nil)
+
+                  expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                    "Processing tcell body proxy body").and_call_original
+
+                  tcell_body_proxy.each { |b| }
+
+                  expect(tcell_body_proxy.content_length).to eq(12)
+                end
+              end
+
+              context "that should be processed" do
+                it "should call js and dlp procs as well as calculate content length" do
+                  js_agent_insertion_proc = double("js_agent_insertion_proc")
+                  dlp_cleaner_proc = double("dlp_cleaner_proc")
+                  tcell_body_proxy = TCellBodyProxy.new(
+                    Rack::BodyProxy.new(["some content"]) { },
+                    true,
+                    js_agent_insertion_proc, "script_insert", dlp_cleaner_proc, nil)
+
+                  expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                    "Processing tcell body proxy body").and_call_original
+                  expect(js_agent_insertion_proc).to receive(:call).with("script_insert", "some content")
+                  expect(dlp_cleaner_proc).to receive(:call).with(nil, "some content")
+
+                  tcell_body_proxy.each { |b| }
+
+                  expect(tcell_body_proxy.content_length).to eq(12)
+                end
+              end
+            end
+          end
+
+          context "with an ActionView::OutputBuffer" do
+            context "that should not be processed" do
+              it "should only calculate content length" do
+                body_chunk = "some content"
+                js_agent_insertion_proc = double("js_agent_insertion_proc")
+                dlp_cleaner_proc = double("dlp_cleaner_proc")
+                tcell_body_proxy = TCellBodyProxy.new(
+                  Rack::BodyProxy.new([body_chunk]) { },
+                  false,
+                  nil, nil, nil, nil)
+
+                expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                  "Processing tcell body proxy body").and_call_original
+                expect(body_chunk).to receive(:class).and_return(
+                  double("body_class", name: "ActionView::OutputBuffer"))
+                expect(body_chunk).to receive(:class).and_return(
+                  double("body_class", name: "ActionView::OutputBuffer"))
+                expect(js_agent_insertion_proc).to_not receive(:call)
+                expect(dlp_cleaner_proc).to_not receive(:call)
+
+                tcell_body_proxy.each { |b| }
+
+                expect(tcell_body_proxy.content_length).to eq(12)
+              end
+            end
+
+            context "that should be processed" do
+              it "should call js and dlp procs as well as calculate content length" do
+                body_chunk = "some content"
+                js_agent_insertion_proc = double("js_agent_insertion_proc")
+                dlp_cleaner_proc = double("dlp_cleaner_proc")
+                tcell_body_proxy = TCellBodyProxy.new(
+                  Rack::BodyProxy.new([body_chunk]) { },
+                  true,
+                  js_agent_insertion_proc, "script_insert", dlp_cleaner_proc, nil)
+
+                expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
+                  "Processing tcell body proxy body").and_call_original
+                expect(js_agent_insertion_proc).to receive(:call).with("script_insert", body_chunk)
+                expect(dlp_cleaner_proc).to receive(:call).with(nil, body_chunk)
+
+                tcell_body_proxy.each { |b| }
+
+                expect(tcell_body_proxy.content_length).to eq(12)
+              end
+            end
+          end
+        end
+      end
+
+    end
+  end
+end

data/spec/lib/tcell_agent/rails/responses_spec.rb

@@ -75,45 +75,6 @@ module TCellAgent
         end
       end
 
-      context ".streaming_response?" do
-        context "with empty headers" do
-          it "should return false" do
-            expect(Rails.streaming_response?({})).to eq(false)
-          end
-        end
-
-        context "with headers" do
-          context "that are missing Transfer-Encoding" do
-            context "that are missing Content-Transfer-Encoding" do
-              it "should return false" do
-                expect(Rails.streaming_response?({})).to eq(false)
-              end
-            end
-
-            context "that have Content-Transfer-Encoding" do
-              it "should return true" do
-                expect(Rails.streaming_response?({"Content-Transfer-Encoding" => "chunked"})).to eq(true)
-              end
-            end
-          end
-        end
-
-        context "that have Transfer-Encoding" do
-          context "that are missing Content-Transfer-Encoding" do
-            it "should return true" do
-              expect(Rails.streaming_response?({"Transfer-Encoding" => "chunked"})).to eq(true)
-            end
-          end
-
-          context "that have Content-Transfer-Encoding" do
-            it "should return true" do
-              expect(Rails.streaming_response?({
-                "Transfer-Encoding" => "chunked",
-                "Content-Transfer-Encoding" => "chunked"})).to eq(true)
-            end
-          end
-        end
-      end
     end
 
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tcell_agent
 version: !ruby/object:Gem::Version
-  version: 0.2.27
+  version: 0.2.28
 platform: ruby
 authors:
 - Garrett
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-13 00:00:00.000000000 Z
+date: 2017-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -191,6 +191,8 @@ files:
 - lib/tcell_agent/rails/csrf_exception.rb
 - lib/tcell_agent/rails/dlp/process_request.rb
 - lib/tcell_agent/rails/dlp.rb
+- lib/tcell_agent/rails/dlp_handler.rb
+- lib/tcell_agent/rails/js_agent_insert.rb
 - lib/tcell_agent/rails/middleware/body_filter_middleware.rb
 - lib/tcell_agent/rails/middleware/context_middleware.rb
 - lib/tcell_agent/rails/middleware/global_middleware.rb
@@ -201,6 +203,7 @@ files:
 - lib/tcell_agent/rails/routes/route_id.rb
 - lib/tcell_agent/rails/routes.rb
 - lib/tcell_agent/rails/settings_reporter.rb
+- lib/tcell_agent/rails/tcell_body_proxy.rb
 - lib/tcell_agent/rails.rb
 - lib/tcell_agent/routes/table.rb
 - lib/tcell_agent/sensor_events/app_config.rb
@@ -321,6 +324,7 @@ files:
 - spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb
+- spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb
 - spec/lib/tcell_agent/rails/responses_spec.rb
 - spec/lib/tcell_agent/rails/routes/grape_spec.rb
 - spec/lib/tcell_agent/rails/routes/route_id_spec.rb
@@ -472,6 +476,7 @@ test_files:
 - spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb
+- spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb
 - spec/lib/tcell_agent/rails/responses_spec.rb
 - spec/lib/tcell_agent/rails/routes/grape_spec.rb
 - spec/lib/tcell_agent/rails/routes/route_id_spec.rb