master

分支 (53)

标签 (186)

管理

管理

master

stack-local-cc-processor

fix-test-with-containers

bugfix/optional-dsn

pr/1211

fix-tornado-dep

update-travis-conf

fix/trim-crumbs

releases/7.0.0

feature-disable-dsn

fix-value-error-django-middleware

1074-quickfix-celery-instrument-setting

1067-flask-json-request-body

releases/5.33.x

feature/no-flask-darra

ref/throw-import-error

feature/notty

feature/health-events

iterlists

feature/remove-message

6.10.0

6.9.0

6.8.0

6.7.0

6.6.0

6.5.0

6.4.0

6.3.0

6.2.1

6.2.0

6.1.0

5.33.0

6.0.0

5.32.0

5.31.0

5.30.0

5.29.0

5.28.0

5.27.1

5.27.0

raven-python
/
raven
/
processors.py

"""
raven.core.processors
~~~~~~~~~~~~~~~~~~~~~

:copyright: (c) 2010-2012 by the Sentry Team, see AUTHORS for more details.
:license: BSD, see LICENSE for more details.
"""
from __future__ import absolute_import

import re
import warnings

from raven.utils.compat import string_types, text_type, PY3
from raven.utils import varmap


class Processor(object):
    def __init__(self, client):
        self.client = client

    def get_data(self, data, **kwargs):
        return

    def process(self, data, **kwargs):
        resp = self.get_data(data, **kwargs)
        if resp:
            data = resp

        if 'exception' in data:
            if 'values' in data['exception']:
                for value in data['exception'].get('values', []):
                    if 'stacktrace' in value:
                        self.filter_stacktrace(value['stacktrace'])

        if 'request' in data:
            self.filter_http(data['request'])

        if 'extra' in data:
            data['extra'] = self.filter_extra(data['extra'])

        return data

    def filter_stacktrace(self, data):
        pass

    def filter_http(self, data):
        pass

    def filter_extra(self, data):
        return data


class RemovePostDataProcessor(Processor):
    """Removes HTTP post data."""

    def filter_http(self, data, **kwargs):
        data.pop('data', None)


class RemoveStackLocalsProcessor(Processor):
    """Removes local context variables from stacktraces."""

    def filter_stacktrace(self, data, **kwargs):
        for frame in data.get('frames', []):
            frame.pop('vars', None)


class SanitizeKeysProcessor(Processor):
    """
    Asterisk out things that correspond to a configurable set of keys.
    """

    MASK = '*' * 8

    @property
    def sanitize_keys(self):
        keys = getattr(self.client, 'sanitize_keys')
        if keys is None:
            raise ValueError('The sanitize_keys setting must be present to use SanitizeKeysProcessor')
        return keys

    def sanitize(self, item, value):
        if value is None:
            return

        if not item:  # key can be a NoneType
            return value

        # Just in case we have bytes here, we want to make them into text
        # properly without failing so we can perform our check.
        if isinstance(item, bytes):
            item = item.decode('utf-8', 'replace')
        else:
            item = text_type(item)

        item = item.lower()
        for key in self.sanitize_keys:
            if key in item:
                # store mask as a fixed length for security
                return self.MASK
        return value

    def filter_stacktrace(self, data):
        for frame in data.get('frames', []):
            if 'vars' not in frame:
                continue
            frame['vars'] = varmap(self.sanitize, frame['vars'])

    def filter_http(self, data):
        for n in ('data', 'cookies', 'headers', 'env', 'query_string'):
            if n not in data:
                continue

            # data could be provided as bytes
            if PY3 and isinstance(data[n], bytes):
                data[n] = data[n].decode('utf-8', 'replace')

            if isinstance(data[n], string_types) and '=' in data[n]:
                # at this point we've assumed it's a standard HTTP query
                # or cookie
                if n == 'cookies':
                    delimiter = ';'
                else:
                    delimiter = '&'

                data[n] = self._sanitize_keyvals(data[n], delimiter)
            else:
                data[n] = varmap(self.sanitize, data[n])
                if n == 'headers' and 'Cookie' in data[n]:
                    data[n]['Cookie'] = self._sanitize_keyvals(
                        data[n]['Cookie'], ';'
                    )

    def filter_extra(self, data):
        return varmap(self.sanitize, data)

    def _sanitize_keyvals(self, keyvals, delimiter):
        sanitized_keyvals = []
        for keyval in keyvals.split(delimiter):
            keyval = keyval.split('=')
            if len(keyval) == 2:
                sanitized_keyvals.append((keyval[0], self.sanitize(*keyval)))
            else:
                sanitized_keyvals.append(keyval)

        return delimiter.join('='.join(keyval) for keyval in sanitized_keyvals)


class SanitizePasswordsProcessor(SanitizeKeysProcessor):
    """
    Asterisk out things that look like passwords, credit card numbers,
    and API keys in frames, http, and basic extra data.
    """

    KEYS = frozenset([
        'password',
        'secret',
        'passwd',
        'authorization',
        'api_key',
        'apikey',
        'sentry_dsn',
        'access_token',
    ])
    VALUES_RE = re.compile(r'^(?:\d[ -]*?){13,16}$')

    @property
    def sanitize_keys(self):
        return self.KEYS

    @property
    def FIELDS(self):
        warnings.warn(
            "`SanitizePasswordsProcessor.Fields` has been deprecated. Use "
            "`SanitizePasswordsProcessor.KEYS` or `SanitizePasswordsProcessor.sanitize_keys` "
            "instead",
            DeprecationWarning,
        )
        return self.KEYS

    def sanitize(self, item, value):
        value = super(SanitizePasswordsProcessor, self).sanitize(item, value)
        if isinstance(value, string_types) and self.VALUES_RE.match(value):
            return self.MASK
        return value