Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release v6.27.1 #830

Merged
merged 4 commits into from
Jun 18, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,15 @@
Changelog
=========

## v6.27.1 (18 June 2024)

### Fixes

* Only read Rack request body if it's rewindable
| [#829](https://github.com/bugsnag/bugsnag-ruby/pull/829)
* Fix circular require warning
| [#828](https://github.com/bugsnag/bugsnag-ruby/pull/828)

## v6.27.0 (23 May 2024)

### Enhancements
Expand Down
2 changes: 1 addition & 1 deletion VERSION
Original file line number Diff line number Diff line change
@@ -1 +1 @@
6.27.0
6.27.1
1 change: 1 addition & 0 deletions features/fixtures/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,7 @@ services:
- BUGSNAG_API_KEY
- BUGSNAG_ENDPOINT
- BUGSNAG_METADATA_FILTERS
- BUGSNAG_RACK_NO_REWIND
restart: "no"
ports:
- target: 3000
Expand Down
4 changes: 1 addition & 3 deletions features/fixtures/rack/app/Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,4 @@ gem 'webrick' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('3.0.0')

# Some functionality provided by Rack was moved to the 'rackup' gem in Rack v3
# Specifically the test app uses Rack::Server, which is now Rackup::Server
if ENV['RACK_VERSION'] == '3'
gem 'rackup', '~> 0.2.3'
end
gem 'rackup' if ENV['RACK_VERSION'] >= '3'
7 changes: 6 additions & 1 deletion features/fixtures/rack/app/app.rb
Original file line number Diff line number Diff line change
Expand Up @@ -71,12 +71,17 @@ def call(env)
end
end

app = Bugsnag::Rack.new(BugsnagTests.new)

Server =
if defined?(Rack::Server)
Rack::Server
else
require 'rackup'

app = Rack::RewindableInput::Middleware.new(app) unless ENV["BUGSNAG_RACK_NO_REWIND"] == "true"

Rackup::Server
end

Server.start(app: Bugsnag::Rack.new(BugsnagTests.new), Host: '0.0.0.0', Port: 3000)
Server.start(app: app, Host: '0.0.0.0', Port: 3000)
58 changes: 58 additions & 0 deletions features/rack.feature
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,9 @@ Scenario: A POST request with form data sends a report with the parsed request b
And the event "metaData.request.httpVersion" matches "^HTTP/\d\.\d$"
And the event "metaData.request.params.a" equals "123"
And the event "metaData.request.params.b" equals "456"
And the event "metaData.request.params.name" equals "baba"
And the event "metaData.request.params.favourite_letter" equals "z"
And the event "metaData.request.params.password" equals "[FILTERED]"
And the event "metaData.request.referer" is null
And the event "metaData.request.url" ends with "/unhandled?a=123&b=456"

Expand All @@ -86,6 +89,9 @@ Scenario: A POST request with JSON sends a report with the parsed request body a
And the event "metaData.request.httpVersion" matches "^HTTP/\d\.\d$"
And the event "metaData.request.params.a" equals "123"
And the event "metaData.request.params.b" equals "456"
And the event "metaData.request.params.name" is null
And the event "metaData.request.params.favourite_letter" is null
And the event "metaData.request.params.password" is null
And the event "metaData.request.referer" is null
And the event "metaData.request.url" ends with "/unhandled?a=123&b=456"

Expand Down Expand Up @@ -172,3 +178,55 @@ Scenario: clearing feature flags for an unhandled error
And I wait to receive an error
Then the error is valid for the error reporting API version "4.0" for the "Ruby Bugsnag Notifier" notifier
And the event has no feature flags

@not-rack-1
@not-rack-2
Scenario: An unrewindable POST request with form data does not attach request body
Given I set environment variable "BUGSNAG_RACK_NO_REWIND" to "true"
And I start the rack service
When I send a POST request to "/unhandled?a=123&b=456" in the rack app with the following form data:
| name | baba |
| favourite_letter | z |
| password | password1 |
And I wait to receive an error
Then the error is valid for the error reporting API version "4.0" for the "Ruby Bugsnag Notifier" notifier
And the event "metaData.request.body" is null
And the event "metaData.request.clientIp" is not null
And the event "metaData.request.cookies" is null
And the event "metaData.request.headers.Host" is not null
And the event "metaData.request.headers.User-Agent" is not null
And the event "metaData.request.httpMethod" equals "POST"
And the event "metaData.request.httpVersion" matches "^HTTP/\d\.\d$"
And the event "metaData.request.params.a" equals "123"
And the event "metaData.request.params.b" equals "456"
And the event "metaData.request.params.name" is null
And the event "metaData.request.params.favourite_letter" is null
And the event "metaData.request.params.password" is null
And the event "metaData.request.referer" is null
And the event "metaData.request.url" ends with "/unhandled?a=123&b=456"

@not-rack-1
@not-rack-2
Scenario: An unrewindable POST request with JSON does not attach request body
Given I set environment variable "BUGSNAG_RACK_NO_REWIND" to "true"
And I start the rack service
When I send a POST request to "/unhandled?a=123&b=456" in the rack app with the following JSON:
| name | baba |
| favourite_letter | z |
| password | password1 |
And I wait to receive an error
Then the error is valid for the error reporting API version "4.0" for the "Ruby Bugsnag Notifier" notifier
And the event "metaData.request.body" is null
And the event "metaData.request.clientIp" is not null
And the event "metaData.request.cookies" is null
And the event "metaData.request.headers.Host" is not null
And the event "metaData.request.headers.User-Agent" is not null
And the event "metaData.request.httpMethod" equals "POST"
And the event "metaData.request.httpVersion" matches "^HTTP/\d\.\d$"
And the event "metaData.request.params.a" equals "123"
And the event "metaData.request.params.b" equals "456"
And the event "metaData.request.params.name" is null
And the event "metaData.request.params.favourite_letter" is null
And the event "metaData.request.params.password" is null
And the event "metaData.request.referer" is null
And the event "metaData.request.url" ends with "/unhandled?a=123&b=456"
8 changes: 8 additions & 0 deletions features/support/env.rb
Original file line number Diff line number Diff line change
Expand Up @@ -63,3 +63,11 @@ def current_ip
Maze::Runner.environment["BUGSNAG_ENDPOINT"] = "http://#{host}:#{Maze.config.port}/notify"
Maze::Runner.environment["BUGSNAG_SESSION_ENDPOINT"] = "http://#{host}:#{Maze.config.port}/sessions"
end

Before("@not-rack-1") do
skip_this_scenario if ENV["RACK_VERSION"] == "1"
end

Before("@not-rack-2") do
skip_this_scenario if ENV["RACK_VERSION"] == "2"
end
17 changes: 5 additions & 12 deletions lib/bugsnag.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
require "rubygems"
require "thread"
require "set"
require "json"
require "uri"
require "socket"
require "logger"

require "bugsnag/version"
require "bugsnag/utility/feature_data_store"
Expand All @@ -21,21 +26,9 @@
# as it doesn't auto-configure when loaded
require "bugsnag/integrations/rack"

require "bugsnag/middleware/rack_request"
require "bugsnag/middleware/warden_user"
require "bugsnag/middleware/clearance_user"
require "bugsnag/middleware/callbacks"
require "bugsnag/middleware/rails3_request"
require "bugsnag/middleware/sidekiq"
require "bugsnag/middleware/mailman"
require "bugsnag/middleware/rake"
require "bugsnag/middleware/classify_error"
require "bugsnag/middleware/delayed_job"

require "bugsnag/breadcrumb_type"
require "bugsnag/breadcrumbs/validator"
require "bugsnag/breadcrumbs/breadcrumb"
require "bugsnag/breadcrumbs/breadcrumbs"

require "bugsnag/utility/duplicator"
require "bugsnag/utility/metadata_delegate"
Expand Down
2 changes: 0 additions & 2 deletions lib/bugsnag/breadcrumbs/on_breadcrumb_callback_list.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require "set"

module Bugsnag::Breadcrumbs
class OnBreadcrumbCallbackList
def initialize(configuration)
Expand Down
2 changes: 0 additions & 2 deletions lib/bugsnag/breadcrumbs/validator.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require 'bugsnag/breadcrumbs/breadcrumbs'

module Bugsnag::Breadcrumbs
##
# Validates a given breadcrumb before it is stored
Expand Down
2 changes: 0 additions & 2 deletions lib/bugsnag/cleaner.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require 'uri'

module Bugsnag
# @api private
class Cleaner
Expand Down
30 changes: 19 additions & 11 deletions lib/bugsnag/configuration.rb
Original file line number Diff line number Diff line change
@@ -1,20 +1,28 @@
require "set"
require "socket"
require "logger"
require "bugsnag/middleware_stack"
require "bugsnag/breadcrumbs/on_breadcrumb_callback_list"

require "bugsnag/endpoint_configuration"
require "bugsnag/endpoint_validator"

require "bugsnag/middleware/breadcrumbs"
require "bugsnag/middleware/callbacks"
require "bugsnag/middleware/classify_error"
require "bugsnag/middleware/clearance_user"
require "bugsnag/middleware/delayed_job"
require "bugsnag/middleware/discard_error_class"
require "bugsnag/middleware/exception_meta_data"
require "bugsnag/middleware/ignore_error_class"
require "bugsnag/middleware/suggestion_data"
require "bugsnag/middleware/classify_error"
require "bugsnag/middleware/mailman"
require "bugsnag/middleware/rack_request"
require "bugsnag/middleware/rails3_request"
require "bugsnag/middleware/rake"
require "bugsnag/middleware/session_data"
require "bugsnag/middleware/breadcrumbs"
require "bugsnag/middleware/sidekiq"
require "bugsnag/middleware/suggestion_data"
require "bugsnag/middleware/warden_user"

require "bugsnag/middleware_stack"

require "bugsnag/utility/circular_buffer"
require "bugsnag/breadcrumbs/breadcrumbs"
require "bugsnag/breadcrumbs/on_breadcrumb_callback_list"
require "bugsnag/endpoint_configuration"
require "bugsnag/endpoint_validator"

module Bugsnag
class Configuration
Expand Down
1 change: 0 additions & 1 deletion lib/bugsnag/delivery/synchronous.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
require "net/https"
require "uri"

module Bugsnag
module Delivery
Expand Down
2 changes: 0 additions & 2 deletions lib/bugsnag/delivery/thread_queue.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require "thread"

module Bugsnag
module Delivery
class ThreadQueue < Synchronous
Expand Down
2 changes: 0 additions & 2 deletions lib/bugsnag/event.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require "bugsnag/report"

module Bugsnag
# For now Event is just an alias of Report. This points to the same object so
# any changes to Report will also affect Event
Expand Down
5 changes: 0 additions & 5 deletions lib/bugsnag/helpers.rb
Original file line number Diff line number Diff line change
@@ -1,8 +1,3 @@
require 'uri'
require 'set'
require 'json'


module Bugsnag
module Helpers # rubocop:todo Metrics/ModuleLength
MAX_STRING_LENGTH = 3072
Expand Down
1 change: 0 additions & 1 deletion lib/bugsnag/integrations/mongo.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
require 'mongo'
require 'bugsnag/breadcrumbs/breadcrumbs'

module Bugsnag
##
Expand Down
2 changes: 0 additions & 2 deletions lib/bugsnag/integrations/rails/active_job.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require 'set'

module Bugsnag::Rails
module ActiveJob
SEVERITY = 'error'
Expand Down
2 changes: 0 additions & 2 deletions lib/bugsnag/integrations/rails/rails_breadcrumbs.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require "bugsnag/breadcrumbs/breadcrumbs"

module Bugsnag::Rails
DEFAULT_RAILS_BREADCRUMBS = [
{
Expand Down
4 changes: 0 additions & 4 deletions lib/bugsnag/integrations/railtie.rb
Original file line number Diff line number Diff line change
@@ -1,10 +1,6 @@
# Rails 3.x hooks

require "json"
require "rails"
require "bugsnag"
require "bugsnag/middleware/rails3_request"
require "bugsnag/middleware/rack_request"
require "bugsnag/integrations/rails/rails_breadcrumbs"

module Bugsnag
Expand Down
5 changes: 4 additions & 1 deletion lib/bugsnag/integrations/rake.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
require 'bugsnag'
# this file can either be required manually by a user, in which case 'bugsnag'
# needs to be required, or it can be required automatically in the railtie,
# in which case 'bugsnag' has already been required
require 'bugsnag' unless defined?(Bugsnag)

Rake::TaskManager.record_task_metadata = true

Expand Down
52 changes: 35 additions & 17 deletions lib/bugsnag/middleware/rack_request.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
require "json"

module Bugsnag::Middleware
##
# Extracts and attaches rack data to an error report
Expand All @@ -17,7 +15,15 @@ def call(report)

request = ::Rack::Request.new(env)

params = request.params rescue {}
params =
# if the request body isn't rewindable then we can't read request.POST
# which is used internally by request.params
if request.body.respond_to?(:rewind)
request.params rescue {}
else
request.GET rescue {}
end

client_ip = request.ip.to_s rescue SPOOF
session = env["rack.session"]

Expand Down Expand Up @@ -106,7 +112,11 @@ def format_headers(env, referer)
end

def add_request_body(report, request, env)
body = parsed_request_body(request, env)
begin
body = parsed_request_body(request, env)
rescue StandardError
return nil
end

# this request may not have a body
return unless body.is_a?(Hash) && !body.empty?
Expand All @@ -115,26 +125,34 @@ def add_request_body(report, request, env)
end

def parsed_request_body(request, env)
return request.POST rescue nil if request.form_data?
# if the request is not rewindable then either:
# - it's been read already and so is impossible to read
# - it hasn't been read yet and us reading it will prevent the user from
# reading it themselves
# in either case we should avoid attempting to
return nil unless request.body.respond_to?(:rewind)

if request.form_data?
begin
return request.POST
ensure
request.body.rewind
end
end

content_type = env["CONTENT_TYPE"]

return nil if content_type.nil?
return nil unless content_type.include?('/json') || content_type.include?('+json')

if content_type.include?('/json') || content_type.include?('+json')
begin
body = request.body
begin
body = request.body

return JSON.parse(body.read)
rescue StandardError
return nil
ensure
# the body must be rewound so other things can read it after we do
body.rewind
end
JSON.parse(body.read)
ensure
# the body must be rewound so other things can read it after we do
body.rewind
end

nil
end

def add_cookies(report, request)
Expand Down
1 change: 0 additions & 1 deletion lib/bugsnag/report.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
require "json"
require "pathname"
require "bugsnag/error"
require "bugsnag/stacktrace"
Expand Down
Loading
Loading