Skip to content

Commit 16a0713

Browse files
st0012st0012
authored
Merge ca6d2fd into 740ed8c 
2 parents 740ed8c + ca6d2fd commit 16a0713

3 files changed

Lines changed: 28 additions & 2 deletions

File tree

CHANGELOG.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,8 @@
1616
- Don't start `Sentry::SendEventJob`'s transaction [#1547](https://github.com/getsentry/sentry-ruby/pull/1547)
1717
- Fixes [#1539](https://github.com/getsentry/sentry-ruby/issues/1539)
1818
- Don't record breadcrumbs in disabled environments [#1549](https://github.com/getsentry/sentry-ruby/pull/1549)
19+
- Scrub header values with invalid encoding [#1552](https://github.com/getsentry/sentry-ruby/pull/1552)
20+
- Fixes [#1551](https://github.com/getsentry/sentry-ruby/issues/1551)
1921

2022
## 4.6.5
2123

sentry-ruby/lib/sentry/interfaces/request.rb

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ def read_data_from(request)
5757
request.POST
5858
elsif request.body # JSON requests, etc
5959
data = request.body.read(MAX_BODY_LIMIT)
60-
data = data.force_encoding(Encoding::UTF_8) if data.respond_to?(:force_encoding)
60+
data = encode_to_utf_8(data.to_s)
6161
request.body.rewind
6262
data
6363
end
@@ -76,7 +76,8 @@ def filter_and_format_headers(env)
7676
# Rack stores headers as HTTP_WHAT_EVER, we need What-Ever
7777
key = key.sub(/^HTTP_/, "")
7878
key = key.split('_').map(&:capitalize).join('-')
79-
memo[key] = value.to_s
79+
80+
memo[key] = encode_to_utf_8(value.to_s)
8081
rescue StandardError => e
8182
# Rails adds objects to the Rack env that can sometimes raise exceptions
8283
# when `to_s` is called.
@@ -87,6 +88,18 @@ def filter_and_format_headers(env)
8788
end
8889
end
8990

91+
def encode_to_utf_8(value)
92+
if value.encoding != Encoding::UTF_8 && value.respond_to?(:force_encoding)
93+
value = value.dup.force_encoding(Encoding::UTF_8)
94+
end
95+
96+
if !value.valid_encoding?
97+
value = value.scrub
98+
end
99+
100+
value
101+
end
102+
90103
def is_skippable_header?(key)
91104
key.upcase != key || # lower-case envs aren't real http headers
92105
key == "HTTP_COOKIE" || # Cookies don't go here, they go somewhere else

sentry-ruby/spec/sentry/interfaces/request_interface_spec.rb

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,17 @@
5959
end
6060
end
6161

62+
context 'with special characters' do
63+
let(:additional_headers) { { "HTTP_FOO" => "Tekirda\xC4" } }
64+
65+
it "doesn't cause any issue" do
66+
interface = described_class.build(env: env)
67+
json = JSON.generate(interface.to_hash)
68+
69+
expect(JSON.parse(json)["headers"]).to eq({"Content-Length"=>"0", "Foo"=>"Tekirda�"})
70+
end
71+
end
72+
6273
context 'with additional env variables' do
6374
let(:mock) { double }
6475
let(:env) { { "some.variable" => mock } }

0 commit comments

Comments
 (0)