"""
raven.core.processors
~~~~~~~~~~~~~~~~~~~~~
:copyright: (c) 2010-2012 by the Sentry Team, see AUTHORS for more details.
:license: BSD, see LICENSE for more details.
"""
from __future__ import absolute_import
import re
from raven.utils import varmap
from raven.utils import six
class Processor(object):
    """
    Base class for event processors.

    ``process`` is the entry point. Subclasses customise it by overriding
    ``get_data``, ``filter_stacktrace`` and/or ``filter_http``; the versions
    defined here do nothing, so this base class on its own redacts nothing.
    """

    def __init__(self, client):
        # Stored for subclasses; nothing in this class reads it.
        self.client = client

    def get_data(self, data, **kwargs):
        """Hook: return a replacement payload, or None to keep ``data``."""
        return None

    def process(self, data, **kwargs):
        """Run the hooks over ``data`` and return the resulting payload."""
        # A truthy result from get_data replaces the payload wholesale.
        data = self.get_data(data, **kwargs) or data

        # Hook return values are ignored, so hooks must mutate in place.
        if 'stacktrace' in data:
            self.filter_stacktrace(data['stacktrace'])

        if 'exception' in data and 'stacktrace' in data['exception']:
            self.filter_stacktrace(data['exception']['stacktrace'])

        if 'request' in data:
            self.filter_http(data['request'])

        return data

    def filter_stacktrace(self, data):
        """Hook: scrub a stacktrace mapping in place. No-op by default."""

    def filter_http(self, data):
        """Hook: scrub an HTTP request mapping in place. No-op by default."""
class RemovePostDataProcessor(Processor):
    """
    Drops the HTTP request body from the event.

    Only the ``data`` key of the request mapping is removed; every other
    request field is left exactly as it was.
    """

    def filter_http(self, data, **kwargs):
        # Discard the body if present; a missing key is not an error.
        if 'data' in data:
            del data['data']
class RemoveStackLocalsProcessor(Processor):
    """
    Strips captured local variables from every stacktrace frame.

    Each frame's ``vars`` entry is deleted outright rather than masked.
    """

    def filter_stacktrace(self, data, **kwargs):
        # A stacktrace without a 'frames' list is treated as empty.
        frames = data.get('frames', [])
        for entry in frames:
            # Frames that carry no locals are left untouched.
            entry.pop('vars', None)
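class SanitizePasswordsProcessor(Processor):
    """
    Asterisk out things that look like passwords, credit card numbers,
    and API keys in stack frame variables and HTTP request data.

    Matching is heuristic: a value is masked when its key contains one of
    ``FIELDS`` or when the whole value matches ``VALUES_RE``. Secrets stored
    under other key names, or embedded inside longer strings, are not
    detected.
    """

    # Fixed-length replacement so the mask does not reveal the secret's length.
    MASK = '*' * 8
    # Compared as substrings of the lower-cased key name.
    FIELDS = frozenset([
        'password', 'secret', 'passwd', 'authorization', 'api_key', 'apikey'
    ])
    # Anchored at both ends: only a value that is entirely 13-16 digits
    # (optionally separated by spaces or dashes) is treated as a card number.
    VALUES_RE = re.compile(r'^(?:\d[ -]*?){13,16}$')

    def sanitize(self, key, value):
        """
        Return ``value``, or ``MASK`` if the key or value looks sensitive.

        :param key: name the value is stored under; may be None or falsy,
                    in which case only the value-based check applies.
        :param value: the value to inspect.
        :return: None if ``value`` is None, ``MASK`` on a match, otherwise
                 ``value`` unchanged.
        """
        if value is None:
            return None

        if isinstance(value, six.string_types) and self.VALUES_RE.match(value):
            return self.MASK

        if not key:  # key can be a NoneType
            return value

        # A non-string key (an integer dict key, say) has no .lower(); coerce
        # it so one odd key cannot abort sanitisation with AttributeError.
        if not isinstance(key, six.string_types):
            key = str(key)

        key = key.lower()
        if any(field in key for field in self.FIELDS):
            # store mask as a fixed length for security
            return self.MASK
        return value

    def filter_stacktrace(self, data):
        """Sanitise the ``vars`` of every frame in the stacktrace, in place."""
        if 'frames' not in data:
            return
        for frame in data['frames']:
            if 'vars' not in frame:
                continue
            frame['vars'] = varmap(self.sanitize, frame['vars'])

    def filter_http(self, data):
        """Sanitise the body, cookies, headers, env and query string in place."""
        for n in ('data', 'cookies', 'headers', 'env', 'query_string'):
            if n not in data:
                continue

            if isinstance(data[n], six.string_types) and '=' in data[n]:
                # at this point we've assumed it's a standard HTTP query
                # NOTE(review): a raw Cookie header string is ';'-delimited,
                # so splitting on '&' alone would leave later cookie pairs
                # unmasked - confirm how callers populate 'cookies'.
                querybits = []
                for bit in data[n].split('&'):
                    # Split on the first '=' only. Splitting on every '='
                    # made pairs such as 'password=abc==' fall through to the
                    # unsanitised branch and leak the secret.
                    name, sep, raw = bit.partition('=')
                    if sep:
                        querybits.append(name + '=' + self.sanitize(name, raw))
                    else:
                        querybits.append(bit)

                data[n] = '&'.join(querybits)
            else:
                data[n] = varmap(self.sanitize, data[n])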