Changeset 7132

Timestamp:

06/27/07 02:52:48 (1 year ago)

Author:

minam

Message:

param filtering for exception notification (closes #8432, thanks for the excellent patch!)

Files:

• plugins/exception_notification/lib/exception_notifier_helper.rb (modified) (2 diffs)
• plugins/exception_notification/test (added)
• plugins/exception_notification/test/exception_notifier_helper_test.rb (added)
• plugins/exception_notification/test/test_helper.rb (added)
• plugins/exception_notification/views/exception_notifier/_environment.rhtml (modified) (1 diff)
• plugins/exception_notification/views/exception_notifier/_request.rhtml (modified) (1 diff)

plugins/exception_notification/lib/exception_notifier_helper.rb

@@ -24 +24 @@
-  VIEW_PATH = "views/exception_notifier"
-  APP_PATH = "#{RAILS_ROOT}/app/#{VIEW_PATH}"
+  PARAM_FILTER_REPLACEMENT = "[FILTERED]"
-
-  def render_section(section)
@@ -61 +62 @@
-    object.to_yaml.sub(/^---\s*/m, "")
-  end
+
+  def exclude_raw_post_parameters?
+    @controller && @controller.respond_to?(:filter_parameters)
+  end
+  
+  def filter_sensitive_post_data_parameters(parameters)
+    exclude_raw_post_parameters? ? @controller.filter_parameters(parameters) : parameters
+  end
+  
+  def filter_sensitive_post_data_from_env(env_key, env_value)
+    return env_value unless exclude_raw_post_parameters?
+    (env_key =~ /RAW_POST_DATA/i) ? PARAM_FILTER_REPLACEMENT : env_value
+  end
-end

plugins/exception_notification/views/exception_notifier/_environment.rhtml

@@ -1 +1 @@
-<% max = @request.env.keys.max { |a,b| a.length <=> b.length } -%>
-<% @request.env.keys.sort.each do |key| -%>
-@request.env[key].to_s.strip
+filter_sensitive_post_data_from_env(key, @request.env[key].to_s.strip)
-<% end -%>
-

plugins/exception_notification/views/exception_notifier/_request.rhtml

@@ -1 +1 @@
-* URL: <%= @request.protocol %><%= @host %><%= @request.request_uri %>
-@request.parameters
+filter_sensitive_post_data_parameters(@request.parameters)
-* Rails root: <%= @rails_root %>