Merge remote-tracking branch 'origin/master' into wip/sessiontracking

untitaker · untitaker · commit 016da7e542c5 · 2019-06-21T13:48:17.000+02:00
diff --git a/sentry_sdk/integrations/_wsgi_common.py b/sentry_sdk/integrations/_wsgi_common.py
@@ -11,6 +11,21 @@
     from typing import Union
 
 
+SENSITIVE_ENV_KEYS = (
+    "REMOTE_ADDR",
+    "HTTP_X_FORWARDED_FOR",
+    "HTTP_SET_COOKIE",
+    "HTTP_COOKIE",
+    "HTTP_AUTHORIZATION",
+    "HTTP_X_FORWARDED_FOR",
+    "HTTP_X_REAL_IP",
+)
+
+SENSITIVE_HEADERS = tuple(
+    x[len("HTTP_") :] for x in SENSITIVE_ENV_KEYS if x.startswith("HTTP_")
+)
+
+
 class RequestExtractor(object):
     def __init__(self, request):
         # type: (Any) -> None
@@ -129,7 +144,10 @@ def _filter_headers(headers):
         return headers
 
     return {
-        k: v
+        k: (
+            v
+            if k.upper().replace("-", "_") not in SENSITIVE_HEADERS
+            else AnnotatedValue("", {"rem": [["!config", "x", 0, len(v)]]})
+        )
         for k, v in iteritems(headers)
-        if k.lower().replace("_", "-") not in ("set-cookie", "cookie", "authorization")
     }
diff --git a/sentry_sdk/integrations/django/__init__.py b/sentry_sdk/integrations/django/__init__.py
@@ -134,6 +134,25 @@ def sentry_patched_get_response(self, request):
 
         BaseHandler.get_response = sentry_patched_get_response
 
+        try:
+            from rest_framework.views import APIView  # type: ignore
+        except ImportError:
+            pass
+        else:
+            # DRF's request type (which wraps the Django request and proxies
+            # all attrs) has some attributes such as `data` which buffer
+            # request data.  We want to use those in the RequestExtractor to
+            # get body data more reliably.
+            old_drf_initial = APIView.initial
+
+            def sentry_patched_drf_initial(self, request, *args, **kwargs):
+                with capture_internal_exceptions():
+                    request._request._sentry_drf_request_backref = weakref.ref(request)
+                    pass
+                return old_drf_initial(self, request, *args, **kwargs)
+
+            APIView.initial = sentry_patched_drf_initial
+
         signals.got_request_exception.connect(_got_request_exception)
 
         @add_global_event_processor
@@ -207,6 +226,13 @@ def event_processor(event, hint):
         if request is None:
             return event
 
+        try:
+            drf_request = request._sentry_drf_request_backref()
+            if drf_request is not None:
+                request = drf_request
+        except AttributeError:
+            pass
+
         with capture_internal_exceptions():
             DjangoRequestExtractor(request).extract_into_event(event)
 
diff --git a/sentry_sdk/integrations/gnu_backtrace.py b/sentry_sdk/integrations/gnu_backtrace.py
@@ -20,7 +20,7 @@
 (?P<package>{MODULE_RE})\(
   (?P<retval>{TYPE_RE}\ )?
   ((?P<function>{TYPE_RE})
-    (?P<args>\([^)]*\))?
+    (?P<args>\(.*\))?
   )?
   ((?P<constoffset>\ const)?\+0x(?P<offset>{HEXVAL_RE}))?
 \)\s
@@ -89,13 +89,8 @@ def _process_gnu_backtrace(event, hint):
                         },
                     )
                 )
-            elif additional_frames and line.strip():
-                # If we already started parsing a stacktrace, it must be at the
-                # end of the message and must not contain random garbage lines
-                # between the frames
-                del additional_frames[:]
-                break
             else:
+                # Put garbage lines back into message, not sure what to do with them.
                 new_msg.append(line)
 
         if additional_frames:
diff --git a/sentry_sdk/integrations/wsgi.py b/sentry_sdk/integrations/wsgi.py
@@ -100,8 +100,9 @@ def _get_environ(environ):
     """
     keys = ["SERVER_NAME", "SERVER_PORT"]
     if _should_send_default_pii():
-        # Add all three headers here to make debugging of proxy setup easier.
-        keys += ["REMOTE_ADDR", "HTTP_X_FORWARDED_FOR", "HTTP_X_REAL_IP"]
+        # make debugging of proxy setup easier. Proxy headers are
+        # in headers.
+        keys += ["REMOTE_ADDR"]
 
     for key in keys:
         if key in environ:
diff --git a/tests/integrations/django/myapp/urls.py b/tests/integrations/django/myapp/urls.py
@@ -42,6 +42,13 @@
     urlpatterns.append(
         path("rest-framework-exc", views.rest_framework_exc, name="rest_framework_exc")
     )
+    urlpatterns.append(
+        path(
+            "rest-framework-read-body-and-exc",
+            views.rest_framework_read_body_and_exc,
+            name="rest_framework_read_body_and_exc",
+        )
+    )
 except AttributeError:
     pass
 
diff --git a/tests/integrations/django/myapp/views.py b/tests/integrations/django/myapp/views.py
@@ -11,6 +11,11 @@
     def rest_framework_exc(request):
         1 / 0
 
+    @api_view(["POST"])
+    def rest_framework_read_body_and_exc(request):
+        request.data
+        1 / 0
+
 
 except ImportError:
     pass
diff --git a/tests/integrations/django/test_basic.py b/tests/integrations/django/test_basic.py
@@ -374,7 +374,7 @@ def test_read_request(sentry_init, client, capture_events):
 
     event, = events
 
-    assert event["request"]["data"] == {"hey": 42}
+    assert "data" not in event["request"]
 
 
 def test_template_exception(sentry_init, client, capture_events):
@@ -413,12 +413,15 @@ def test_template_exception(sentry_init, client, capture_events):
     ]
 
 
+@pytest.mark.parametrize(
+    "route", ["rest_framework_exc", "rest_framework_read_body_and_exc"]
+)
 @pytest.mark.parametrize(
     "type,event_request",
     [
         [
             "json",
-            {
+            lambda route: {
                 "cookies": {},
                 "data": {"foo": "bar"},
                 "env": {"SERVER_NAME": "localhost", "SERVER_PORT": "80"},
@@ -429,12 +432,12 @@ def test_template_exception(sentry_init, client, capture_events):
                 },
                 "method": "POST",
                 "query_string": "",
-                "url": "http://localhost/rest-framework-exc",
+                "url": "http://localhost/{}".format(route.replace("_", "-")),
             },
         ],
         [
             "formdata",
-            {
+            lambda route: {
                 "cookies": {},
                 "data": {"foo": "bar"},
                 "env": {"SERVER_NAME": "localhost", "SERVER_PORT": "80"},
@@ -445,13 +448,13 @@ def test_template_exception(sentry_init, client, capture_events):
                 },
                 "method": "POST",
                 "query_string": "",
-                "url": "http://localhost/rest-framework-exc",
+                "url": "http://localhost/{}".format(route.replace("_", "-")),
             },
         ],
     ],
 )
 def test_rest_framework_basic(
-    sentry_init, client, capture_events, capture_exceptions, type, event_request
+    sentry_init, client, capture_events, capture_exceptions, type, event_request, route
 ):
     pytest.importorskip("rest_framework")
     sentry_init(integrations=[DjangoIntegration()], send_default_pii=True)
@@ -460,12 +463,12 @@ def test_rest_framework_basic(
 
     if type == "json":
         client.post(
-            reverse("rest_framework_exc"),
+            reverse(route),
             data=json.dumps({"foo": "bar"}),
             content_type="application/json",
         )
     elif type == "formdata":
-        client.post(reverse("rest_framework_exc"), data={"foo": "bar"})
+        client.post(reverse(route), data={"foo": "bar"})
     else:
         assert False
 
@@ -475,4 +478,4 @@ def test_rest_framework_basic(
     event, = events
     assert event["exception"]["values"][0]["mechanism"]["type"] == "django"
 
-    assert event["request"] == event_request
+    assert event["request"] == event_request(route)
diff --git a/tests/integrations/pyramid/test_pyramid.py b/tests/integrations/pyramid/test_pyramid.py
@@ -327,3 +327,35 @@ def authenticated_userid(self, request):
     client.get("/message")
 
     assert len(events) == 1
+
+
+def tween_factory(handler, registry):
+    def tween(request):
+        try:
+            response = handler(request)
+        except Exception:
+            mroute = request.matched_route
+            if mroute and mroute.name in ("index",):
+                return Response("bad request", status_code=400)
+        return response
+
+    return tween
+
+
+def test_tween_ok(sentry_init, pyramid_config, capture_exceptions, route, get_client):
+    sentry_init(integrations=[PyramidIntegration()])
+    errors = capture_exceptions()
+
+    @route("/")
+    def index(request):
+        raise Exception()
+
+    pyramid_config.add_tween(
+        "tests.integrations.pyramid.test_pyramid.tween_factory",
+        under=pyramid.tweens.INGRESS,
+    )
+
+    client = get_client()
+    client.get("/")
+
+    assert not errors
diff --git a/tests/integrations/test_gnu_backtrace.py b/tests/integrations/test_gnu_backtrace.py
diff --git a/tox.ini b/tox.ini
