From 9212138ad0a9ae3285a2566300afb7d94344214a Mon Sep 17 00:00:00 2001 From: Jeffrey Hardy Date: Mon, 5 Oct 2009 08:27:54 -0400 Subject: MessageVerifier#verify raises InvalidSignature if the signature is blank Signed-off-by: Jeremy Kemper --- activesupport/lib/active_support/message_verifier.rb | 2 ++ activesupport/test/message_verifier_test.rb | 5 +++++ 2 files changed, 7 insertions(+) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb index 74e080a23d..fcdc09ff08 100644 --- a/activesupport/lib/active_support/message_verifier.rb +++ b/activesupport/lib/active_support/message_verifier.rb @@ -26,6 +26,8 @@ module ActiveSupport end def verify(signed_message) + raise InvalidSignature if signed_message.blank? + data, digest = signed_message.split("--") if secure_compare(digest, generate_digest(data)) Marshal.load(ActiveSupport::Base64.decode64(data)) diff --git a/activesupport/test/message_verifier_test.rb b/activesupport/test/message_verifier_test.rb index 4f8837ba4e..e6370bc3db 100644 --- a/activesupport/test/message_verifier_test.rb +++ b/activesupport/test/message_verifier_test.rb @@ -18,6 +18,11 @@ class MessageVerifierTest < Test::Unit::TestCase assert_equal @data, @verifier.verify(message) end + def test_missing_signature_raises + assert_not_verified(nil) + assert_not_verified("") + end + def test_tampered_data_raises data, hash = @verifier.generate(@data).split("--") assert_not_verified("#{data.reverse}--#{hash}") -- cgit v1.2.3 From 9415935902f120a9bac0bfce7129725a0db38ed3 Mon Sep 17 00:00:00 2001 From: Michael Koziarski Date: Thu, 8 Oct 2009 09:31:20 +1300 Subject: Switch to on-by-default XSS escaping for rails. This consists of: * String#html_safe! a method to mark a string as 'safe' * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it * Calls to String#html_safe! throughout the rails helpers * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB) * New ERB implementation based on erubis which uses a SafeBuffer instead of a String Hat tip to Django for the inspiration. --- .../lib/active_support/core_ext/string.rb | 3 +- .../core_ext/string/output_safety.rb | 43 +++++++++++ activesupport/test/core_ext/string_ext_test.rb | 86 ++++++++++++++++++++++ 3 files changed, 131 insertions(+), 1 deletion(-) create mode 100644 activesupport/lib/active_support/core_ext/string/output_safety.rb (limited to 'activesupport') diff --git a/activesupport/lib/active_support/core_ext/string.rb b/activesupport/lib/active_support/core_ext/string.rb index d06a5a32fb..6c52f12712 100644 --- a/activesupport/lib/active_support/core_ext/string.rb +++ b/activesupport/lib/active_support/core_ext/string.rb @@ -7,4 +7,5 @@ require 'active_support/core_ext/string/access' require 'active_support/core_ext/string/iterators' require 'active_support/core_ext/string/xchar' require 'active_support/core_ext/string/behavior' -require 'active_support/core_ext/string/interpolation' \ No newline at end of file +require 'active_support/core_ext/string/interpolation' +require 'active_support/core_ext/string/output_safety' \ No newline at end of file diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb new file mode 100644 index 0000000000..2cca4763f4 --- /dev/null +++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb @@ -0,0 +1,43 @@ +class String + def html_safe? + defined?(@_rails_html_safe) && @_rails_html_safe + end + + def html_safe! + @_rails_html_safe = true + self + end + + def html_safe + dup.html_safe! + end + + alias original_plus + + def +(other) + result = original_plus(other) + if html_safe? && also_html_safe?(other) + result.html_safe! + else + result + end + end + + alias original_concat << + def <<(other) + result = original_concat(other) + unless html_safe? && also_html_safe?(other) + @_rails_html_safe = false + end + result + end + + def concat(other) + self << other + end + + private + def also_html_safe?(other) + other.respond_to?(:html_safe?) && other.html_safe? + end + +end \ No newline at end of file diff --git a/activesupport/test/core_ext/string_ext_test.rb b/activesupport/test/core_ext/string_ext_test.rb index db9073e298..584a41b631 100644 --- a/activesupport/test/core_ext/string_ext_test.rb +++ b/activesupport/test/core_ext/string_ext_test.rb @@ -356,3 +356,89 @@ class StringBytesizeTest < Test::Unit::TestCase assert_equal 3, 'foo'.bytesize end end + +class OutputSafetyTest < ActiveSupport::TestCase + def setup + @string = "hello" + end + + test "A string is unsafe by default" do + assert !@string.html_safe? + end + + test "A string can be marked safe" do + @string.html_safe! + assert @string.html_safe? + end + + test "Marking a string safe returns the string" do + assert_equal @string, @string.html_safe! + end + + test "Adding a safe string to another safe string returns a safe string" do + @other_string = "other".html_safe! + @string.html_safe! + @combination = @other_string + @string + + assert_equal "otherhello", @combination + assert @combination.html_safe? + end + + test "Adding an unsafe string to a safe string returns an unsafe string" do + @other_string = "other".html_safe! + @combination = @other_string + @string + @other_combination = @string + @other_string + + assert_equal "otherhello", @combination + assert_equal "helloother", @other_combination + + assert !@combination.html_safe? + assert !@other_combination.html_safe? + end + + test "Concatting safe onto unsafe yields unsafe" do + @other_string = "other" + @string.html_safe! + + @other_string.concat(@string) + assert !@other_string.html_safe? + end + + test "Concatting unsafe onto safe yields unsafe" do + @other_string = "other".html_safe! + + @other_string.concat(@string) + assert !@other_string.html_safe? + end + + test "Concatting safe onto safe yields safe" do + @other_string = "other".html_safe! + @string.html_safe! + + @other_string.concat(@string) + assert @other_string.html_safe? + end + + test "Concatting safe onto unsafe with << yields unsafe" do + @other_string = "other" + @string.html_safe! + + @other_string << @string + assert !@other_string.html_safe? + end + + test "Concatting unsafe onto safe with << yields unsafe" do + @other_string = "other".html_safe! + + @other_string << @string + assert !@other_string.html_safe? + end + + test "Concatting safe onto safe with << yields safe" do + @other_string = "other".html_safe! + @string.html_safe! + + @other_string << @string + assert @other_string.html_safe? + end +end -- cgit v1.2.3 From 69aa5e8a86b1d33e057076dc6049e37c92b0e50f Mon Sep 17 00:00:00 2001 From: Pratik Naik Date: Fri, 9 Oct 2009 02:26:08 +0100 Subject: Ensure MessageVerifier raises appropriate exception on tampered data --- activesupport/lib/active_support/message_verifier.rb | 2 +- activesupport/test/message_verifier_test.rb | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb index fcdc09ff08..282346b1a6 100644 --- a/activesupport/lib/active_support/message_verifier.rb +++ b/activesupport/lib/active_support/message_verifier.rb @@ -29,7 +29,7 @@ module ActiveSupport raise InvalidSignature if signed_message.blank? data, digest = signed_message.split("--") - if secure_compare(digest, generate_digest(data)) + if data.present? && digest.present? && secure_compare(digest, generate_digest(data)) Marshal.load(ActiveSupport::Base64.decode64(data)) else raise InvalidSignature diff --git a/activesupport/test/message_verifier_test.rb b/activesupport/test/message_verifier_test.rb index e6370bc3db..ef300e4e26 100644 --- a/activesupport/test/message_verifier_test.rb +++ b/activesupport/test/message_verifier_test.rb @@ -27,6 +27,7 @@ class MessageVerifierTest < Test::Unit::TestCase data, hash = @verifier.generate(@data).split("--") assert_not_verified("#{data.reverse}--#{hash}") assert_not_verified("#{data}--#{hash.reverse}") + assert_not_verified("purejunk") end def assert_not_verified(message) -- cgit v1.2.3 From 987d501182971c1e6cdf8acb748635d14cf0c341 Mon Sep 17 00:00:00 2001 From: Pratik Naik Date: Fri, 9 Oct 2009 15:03:18 +0100 Subject: Mute log info coming from the local_cache strategy --- activesupport/lib/active_support/cache.rb | 7 +++++++ .../lib/active_support/cache/memory_store.rb | 2 ++ .../lib/active_support/cache/strategy/local_cache.rb | 10 +++++----- activesupport/test/caching_test.rb | 19 +++++++++++++++++++ 4 files changed, 33 insertions(+), 5 deletions(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/cache.rb b/activesupport/lib/active_support/cache.rb index 25f9555388..a415686020 100644 --- a/activesupport/lib/active_support/cache.rb +++ b/activesupport/lib/active_support/cache.rb @@ -115,6 +115,13 @@ module ActiveSupport self end + def mute + previous_silence, @silence = defined?(@silence) && @silence, true + yield + ensure + @silence = previous_silence + end + # Fetches data from the cache, using the given key. If there is data in # the cache with the given key, then that data is returned. # diff --git a/activesupport/lib/active_support/cache/memory_store.rb b/activesupport/lib/active_support/cache/memory_store.rb index 66ce1bc93a..e6085d97ec 100644 --- a/activesupport/lib/active_support/cache/memory_store.rb +++ b/activesupport/lib/active_support/cache/memory_store.rb @@ -1,3 +1,5 @@ +require 'active_support/core_ext/object/duplicable' + module ActiveSupport module Cache # A cache store implementation which stores everything into memory in the diff --git a/activesupport/lib/active_support/cache/strategy/local_cache.rb b/activesupport/lib/active_support/cache/strategy/local_cache.rb index 3b5fccc737..5f6fe22416 100644 --- a/activesupport/lib/active_support/cache/strategy/local_cache.rb +++ b/activesupport/lib/active_support/cache/strategy/local_cache.rb @@ -44,7 +44,7 @@ module ActiveSupport nil elsif value.nil? value = super - local_cache.write(key, value || NULL) if local_cache + local_cache.mute { local_cache.write(key, value || NULL) } if local_cache value.duplicable? ? value.dup : value else # forcing the value to be immutable @@ -54,12 +54,12 @@ module ActiveSupport def write(key, value, options = nil) value = value.to_s if respond_to?(:raw?) && raw?(options) - local_cache.write(key, value || NULL) if local_cache + local_cache.mute { local_cache.write(key, value || NULL) } if local_cache super end def delete(key, options = nil) - local_cache.write(key, NULL) if local_cache + local_cache.mute { local_cache.write(key, NULL) } if local_cache super end @@ -76,7 +76,7 @@ module ActiveSupport def increment(key, amount = 1) if value = super - local_cache.write(key, value.to_s) if local_cache + local_cache.mute { local_cache.write(key, value.to_s) } if local_cache value else nil @@ -85,7 +85,7 @@ module ActiveSupport def decrement(key, amount = 1) if value = super - local_cache.write(key, value.to_s) if local_cache + local_cache.mute { local_cache.write(key, value.to_s) } if local_cache value else nil diff --git a/activesupport/test/caching_test.rb b/activesupport/test/caching_test.rb index 7667f11343..892aa97ad7 100644 --- a/activesupport/test/caching_test.rb +++ b/activesupport/test/caching_test.rb @@ -342,3 +342,22 @@ uses_memcached 'memcached backed store' do include CacheStoreBehavior end end + +class CacheStoreLoggerTest < ActiveSupport::TestCase + def setup + @cache = ActiveSupport::Cache.lookup_store(:memory_store) + + @buffer = StringIO.new + @cache.logger = Logger.new(@buffer) + end + + def test_logging + @cache.fetch('foo') { 'bar' } + assert @buffer.string.present? + end + + def test_mute_logging + @cache.mute { @cache.fetch('foo') { 'bar' } } + assert @buffer.string.blank? + end +end -- cgit v1.2.3 From c23d28e2b39eea266bc783c5e6b656b84866ee84 Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Wed, 7 Oct 2009 16:59:51 -0700 Subject: To unmarshal MissingSourceFile from child --- activesupport/lib/active_support/testing/isolation.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/testing/isolation.rb b/activesupport/lib/active_support/testing/isolation.rb index cdd6d5f49b..bec303f6ab 100644 --- a/activesupport/lib/active_support/testing/isolation.rb +++ b/activesupport/lib/active_support/testing/isolation.rb @@ -1,3 +1,5 @@ +require 'active_support/core_ext/load_error' + module ActiveSupport module Testing class ProxyTestResult @@ -107,4 +109,4 @@ if ENV['ISOLATION_TEST'] super && test.method_name == ENV['ISOLATION_TEST'] end end -end \ No newline at end of file +end -- cgit v1.2.3