From a2328b6c918657ebc0a41d22463cb1e20cfdf219 Mon Sep 17 00:00:00 2001 From: Inbal Tako Date: Wed, 28 Oct 2020 13:38:49 +0200 Subject: [PATCH] Support legacy header extraction --- Gemfile.lock | 2 +- lib/securenative/frameworks/hanami.rb | 9 ++++++++- lib/securenative/frameworks/rails.rb | 9 ++++++++- lib/securenative/frameworks/sinatra.rb | 9 ++++++++- lib/securenative/version.rb | 2 +- spec/securenative/spec_api_manager.rb | 2 +- spec/securenative/spec_event_manager.rb | 6 +++--- spec/securenative/spec_http_client.rb | 2 +- 8 files changed, 31 insertions(+), 10 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index c3bba1a..1ef2a45 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - securenative (0.1.37) + securenative (0.1.38) GEM remote: https://rubygems.org/ diff --git a/lib/securenative/frameworks/hanami.rb b/lib/securenative/frameworks/hanami.rb index e77c422..c9f3217 100644 --- a/lib/securenative/frameworks/hanami.rb +++ b/lib/securenative/frameworks/hanami.rb @@ -36,9 +36,16 @@ def self.get_method(request) def self.get_headers(request) begin headers = {} - request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| + + request.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1] } + + if headers.length == 0 + request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| + headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1] + } + end return headers rescue StandardError nil diff --git a/lib/securenative/frameworks/rails.rb b/lib/securenative/frameworks/rails.rb index cb80947..8846b0c 100644 --- a/lib/securenative/frameworks/rails.rb +++ b/lib/securenative/frameworks/rails.rb @@ -38,9 +38,16 @@ def self.get_method(request) def self.get_headers(request) begin headers = {} - request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| + + request.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1] } + + if headers.length == 0 + request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| + headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1] + } + end return headers rescue StandardError nil diff --git a/lib/securenative/frameworks/sinatra.rb b/lib/securenative/frameworks/sinatra.rb index 0280da3..e043965 100644 --- a/lib/securenative/frameworks/sinatra.rb +++ b/lib/securenative/frameworks/sinatra.rb @@ -36,9 +36,16 @@ def self.get_method(request) def self.get_headers(request) begin headers = {} - request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| + + request.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1] } + + if headers.length == 0 + request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header| + headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1] + } + end return headers rescue StandardError nil diff --git a/lib/securenative/version.rb b/lib/securenative/version.rb index 2e61655..db33b45 100644 --- a/lib/securenative/version.rb +++ b/lib/securenative/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module SecureNative - VERSION = '0.1.37' + VERSION = '0.1.38' end diff --git a/spec/securenative/spec_api_manager.rb b/spec/securenative/spec_api_manager.rb index 709af5f..88f7c99 100644 --- a/spec/securenative/spec_api_manager.rb +++ b/spec/securenative/spec_api_manager.rb @@ -55,7 +55,7 @@ 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization' => 'YOUR_API_KEY', 'Content-Type' => 'application/json', - 'Sn-Version' => '0.1.37', + 'Sn-Version' => '0.1.38', 'User-Agent' => 'SecureNative-ruby' } ).to_return(status: 200, body: '', headers: {}) diff --git a/spec/securenative/spec_event_manager.rb b/spec/securenative/spec_event_manager.rb index 67dbf39..0d84791 100644 --- a/spec/securenative/spec_event_manager.rb +++ b/spec/securenative/spec_event_manager.rb @@ -29,7 +29,7 @@ def initialize 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization' => 'YOUR_API_KEY', 'Content-Type' => 'application/json', - 'Sn-Version' => '0.1.37', + 'Sn-Version' => '0.1.38', 'User-Agent' => 'SecureNative-ruby' }) .to_return(status: 200, body: '', headers: {}) @@ -53,7 +53,7 @@ def initialize 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization' => 'YOUR_API_KEY', 'Content-Type' => 'application/json', - 'Sn-Version' => '0.1.37', + 'Sn-Version' => '0.1.38', 'User-Agent' => 'SecureNative-ruby' }) .to_return(status: 401, body: '', headers: {}) @@ -74,7 +74,7 @@ def initialize 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization' => 'YOUR_API_KEY', 'Content-Type' => 'application/json', - 'Sn-Version' => '0.1.37', + 'Sn-Version' => '0.1.38', 'User-Agent' => 'SecureNative-ruby' }) .to_return(status: 500, body: '', headers: {}) diff --git a/spec/securenative/spec_http_client.rb b/spec/securenative/spec_http_client.rb index da39f14..38ffd9a 100644 --- a/spec/securenative/spec_http_client.rb +++ b/spec/securenative/spec_http_client.rb @@ -15,7 +15,7 @@ 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'Authorization' => 'YOUR_API_KEY', 'Content-Type' => 'application/json', - 'Sn-Version' => '0.1.37', + 'Sn-Version' => '0.1.38', 'User-Agent' => 'SecureNative-ruby' }).to_return(status: 200, body: '', headers: {})