Example #1
0
    def handle_slow_request(self, environ, dt):
        headers = dict(get_headers(environ))
        if 'Authorization' in headers:
            headers['Authorization'] = 'redacted'
        if 'Cookie' in headers:
            headers['Cookie'] = 'redacted'
        cak = environ.get('controller_action_key', None) or environ.get('PATH_INFO', "NOPATH").strip('/').replace('/', '.')
        event_id = self.client.captureMessage(
            "SLOREQ: %s" % cak,
            data={
                'sentry.interfaces.Http': {
                    'method': environ.get('REQUEST_METHOD'),
                    'url': get_current_url(environ, strip_querystring=True),
                    'query_string': environ.get('QUERY_STRING'),
                    'headers': headers,
                    'env': dict(get_environ(environ)),
                }
            },
            extra={
                'request_id': environ.get('request_id', 'Unknown'),
                'request_duration_millis': dt * 1000
            },
            level="warning",
            tags={
                'type': 'sloreq',
                'action_key': cak
            }

        )
        # Galaxy: store event_id in environment so we can show it to the user
        environ['sentry_event_id'] = event_id
        return event_id
Example #2
0
def get_data_from_request(request):
    urlparts = urlparse.urlsplit(request.url)

    try:
        formdata = request.form
    except ClientDisconnected:
        formdata = {}

    data = {
        'sentry.interfaces.Http': {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': formdata,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
    }
    try:
        user_data = get_user_info(request)
    except Exception as e:
        logger.exception(e)
    else:
        if user_data:
            data['sentry.interfaces.User'] = user_data

    return data
Example #3
0
    def __call__(self, request, response, obj, error_info,
                 short_message, full_traceback, extra):
        raven_data = {
            'message': "".join(short_message),
            'sentry.interfaces.Http': {
                'url': request.get('URL', 'n/a'),
                'method': request.environ.get('REQUEST_METHOD', 'n/a'),
                'query_string': request.environ.get('QUERY_STRING', 'n/a'),
                'headers': dict(wsgi_utils.get_headers(request.environ)),
                'env': dict(wsgi_utils.get_environ(request.environ))
                }}
        raven_extra = {
            'User':  request.get('AUTHENTICATED_USER', 'n/a') or 'n/a'}
        if obj is not None:
            raven_extra.update({
                    'Object Class': object_name(obj),
                    'Object Name': object_path(obj),
                    })
        if extra is not None:
            raven_extra.update({
                    'Extra Information': extra
                    })

        self.client.captureException(
            exc_info=error_info, data=raven_data, extra=raven_extra)
Example #4
0
    def get_data_from_request(self, request):
        if request.method == 'POST':
            try:
                data = request.raw_post_data and request.raw_post_data or request.POST
            except Exception:
                # assume we had a partial read:
                data = '<unavailable>'
        else:
            data = dict(request.REQUEST.items())

        environ = request.META

        result = {
            'sentry.interfaces.Http': {
                'method': request.method,
                'url': request.build_absolute_uri(),
                'query_string': request.META.get('QUERY_STRING'),
                'data': data,
                'cookies': dict(request.COOKIES),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        }

        if hasattr(request, 'user'):
            result['sentry.interfaces.User'] = self.get_user_info(request)

        return result
Example #5
0
    def get_data_from_request(self, request):
        from django.contrib.auth.models import User, AnonymousUser

        if request.method != "GET":
            if hasattr(request, "body"):
                data = request.body
            else:
                try:
                    data = request.raw_post_data and request.raw_post_data or request.POST
                except Exception:
                    # assume we had a partial read:
                    data = "<unavailable>"
        else:
            data = None

        environ = request.META

        result = {
            "sentry.interfaces.Http": {
                "method": request.method,
                "url": request.build_absolute_uri(),
                "query_string": request.META.get("QUERY_STRING"),
                "data": data,
                "cookies": dict(request.COOKIES),
                "headers": dict(get_headers(environ)),
                "env": dict(get_environ(environ)),
            }
        }

        if hasattr(request, "user") and isinstance(request.user, (User, AnonymousUser)):
            result["sentry.interfaces.User"] = self.get_user_info(request)

        return result
Example #6
0
    def get_data_from_request(self, request):
        from django.contrib.auth.models import User, AnonymousUser

        if request.method != 'GET':
            try:
                data = request.raw_post_data and request.raw_post_data or request.POST
            except Exception:
                # assume we had a partial read:
                data = '<unavailable>'
        else:
            data = None

        environ = request.META

        result = {
            'sentry.interfaces.Http': {
                'method': request.method,
                'url': request.build_absolute_uri(),
                'query_string': request.META.get('QUERY_STRING'),
                'data': data,
                'cookies': dict(request.COOKIES),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        }

        if hasattr(request, 'user') and isinstance(request.user, (User, AnonymousUser)):
            result['sentry.interfaces.User'] = self.get_user_info(request)

        return result
Example #7
0
    def get_data_from_request(self, request):
        try:
            from django.contrib.auth.models import AbstractBaseUser as BaseUser
        except ImportError:
            from django.contrib.auth.models import User as BaseUser  # NOQA
        except RuntimeError:
            # If the contenttype / user applications are not installed trying to
            # import the user models will fail for django >= 1.9.
            BaseUser = None

        result = {}

        if BaseUser and hasattr(request, 'user') and isinstance(request.user, BaseUser):
            result['user'] = self.get_user_info(request.user)

        try:
            uri = request.build_absolute_uri()
        except SuspiciousOperation:
            # attempt to build a URL for reporting as Django won't allow us to
            # use get_host()
            if request.is_secure():
                scheme = 'https'
            else:
                scheme = 'http'
            host = get_host(request)
            uri = '%s://%s%s' % (scheme, host, request.path)

        if request.method not in ('GET', 'HEAD'):
            try:
                data = request.body
            except Exception:
                try:
                    data = request.raw_post_data
                except Exception:
                    # assume we had a partial read.
                    try:
                        data = request.POST or '<unavailable>'
                    except Exception:
                        data = '<unavailable>'
        else:
            data = None

        environ = request.META

        result.update({
            'request': {
                'method': request.method,
                'url': uri,
                'query_string': request.META.get('QUERY_STRING'),
                'data': data,
                'cookies': dict(request.COOKIES),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        })

        return result
Example #8
0
    def get_data_from_request(self, request):
        result = {}

        user = getattr(request, 'user', None)
        if user is not None:
            user_info = self.get_user_info(user)
            if user_info:
                result['user'] = user_info

        try:
            uri = request.build_absolute_uri()
        except SuspiciousOperation:
            # attempt to build a URL for reporting as Django won't allow us to
            # use get_host()
            if request.is_secure():
                scheme = 'https'
            else:
                scheme = 'http'
            host = get_host(request)
            uri = '%s://%s%s' % (scheme, host, request.path)

        if request.method not in ('GET', 'HEAD'):
            try:
                data = request.body
            except Exception:
                try:
                    data = request.raw_post_data
                except Exception:
                    # assume we had a partial read.
                    try:
                        data = request.POST or '<unavailable>'
                    except Exception:
                        data = '<unavailable>'
                    else:
                        if isinstance(data, MultiValueDict):
                            data = dict(
                                (k, v[0] if len(v) == 1 else v)
                                for k, v in iterlists(data))
        else:
            data = None

        environ = request.META

        result.update({
            'request': {
                'method': request.method,
                'url': uri,
                'query_string': request.META.get('QUERY_STRING'),
                'data': data,
                'cookies': dict(request.COOKIES),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        })

        return result
Example #9
0
 def _get_http_context(self, record, request):
     urlparts = _urlparse.urlsplit(request.url)
     return {
         "url": "%s://%s%s" % (urlparts.scheme, urlparts.netloc, urlparts.path),
         "query_string": urlparts.query,
         "method": request.method,
         "data": self._get_http_request_data(request),
         "headers": dict(get_headers(request.environ)),
         "env": dict(get_environ(request.environ)),
     }
Example #10
0
 def get_http_context(self, environ):
     return {
         "method": environ.get("REQUEST_METHOD"),
         "url": get_current_url(environ, strip_querystring=True),
         "query_string": environ.get("QUERY_STRING"),
         # TODO
         # 'data': environ.get('wsgi.input'),
         "headers": dict(get_headers(environ)),
         "env": dict(get_environ(environ)),
     }
Example #11
0
 def get_http_context(self, environ):
     return {
         'method': environ.get('REQUEST_METHOD'),
         'url': get_current_url(environ, strip_querystring=True),
         'query_string': environ.get('QUERY_STRING'),
         # TODO
         # 'data': environ.get('wsgi.input'),
         'headers': dict(get_headers(environ)),
         'env': dict(get_environ(environ)),
     }
Example #12
0
def http_context_data(request):
    return {
        'url': request.url,
        'method': request.method,
        'data': request.body,
        'query_string': request.query_string,
        'cookies': dict(request.cookies),
        'headers': dict(request.headers),
        'env': dict(get_environ(request.environ)),
    }
Example #13
0
    def get_data_from_request(self, request):
        try:
            from django.contrib.auth.models import AbstractBaseUser as BaseUser
        except ImportError:
            from django.contrib.auth.models import User as BaseUser  # NOQA

        result = {}

        if hasattr(request, "user") and isinstance(request.user, BaseUser):
            result["user"] = self.get_user_info(request.user)

        try:
            uri = request.build_absolute_uri()
        except SuspiciousOperation:
            # attempt to build a URL for reporting as Django won't allow us to
            # use get_host()
            if request.is_secure():
                scheme = "https"
            else:
                scheme = "http"
            host = get_host(request)
            uri = "%s://%s%s" % (scheme, host, request.path)

        if request.method != "GET":
            try:
                data = request.body
            except Exception:
                try:
                    data = request.raw_post_data
                except Exception:
                    # assume we had a partial read.
                    try:
                        data = request.POST or "<unavailable>"
                    except Exception:
                        data = "<unavailable>"
        else:
            data = None

        environ = request.META

        result.update(
            {
                "request": {
                    "method": request.method,
                    "url": uri,
                    "query_string": request.META.get("QUERY_STRING"),
                    "data": data,
                    "cookies": dict(request.COOKIES),
                    "headers": dict(get_headers(environ)),
                    "env": dict(get_environ(environ)),
                }
            }
        )

        return result
Example #14
0
def get_data_from_request():
    """Returns request data extracted from web.ctx."""
    return {
        'sentry.interfaces.Http': {
            'url': '%s://%s%s' % (web.ctx['protocol'], web.ctx['host'], web.ctx['path']),
            'query_string': web.ctx.query,
            'method': web.ctx.method,
            'data': web.data(),
            'headers': dict(get_headers(web.ctx.environ)),
            'env': dict(get_environ(web.ctx.environ)),
        }
    }
Example #15
0
 def handle_exception(self, environ):
     event_id = self.client.captureException(
         data={
             'sentry.interfaces.Http': {
                 'method': environ.get('REQUEST_METHOD'),
                 'url': get_current_url(environ, strip_querystring=True),
                 'query_string': environ.get('QUERY_STRING'),
                 'headers': self.cleanup_headers(dict(get_headers(environ))),
                 'env': dict(get_environ(environ)),
             }
         },
     )
     return event_id
Example #16
0
def get_data_from_request(request):
    urlparts = urlparse.urlsplit(request.url)

    return {
        "sentry.interfaces.Http": {
            "url": "%s://%s%s" % (urlparts.scheme, urlparts.netloc, urlparts.path),
            "query_string": urlparts.query,
            "method": request.method,
            "data": request.form or request.args,
            "headers": dict(get_headers(request.environ)),
            "env": dict(get_environ(request.environ)),
        }
    }
Example #17
0
def get_data_from_request(request):
    urlparts = urlparse.urlsplit(request.url)

    return {
        'sentry.interfaces.Http': {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': request.form,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
    }
Example #18
0
def get_request_info(request):
    '''
    Returns context data extracted from :param:`request`.

    Heavily based on flask integration for Sentry: https://git.io/vP4i9.
    '''
    urlparts = _urlparse.urlsplit(request.url)
    return {
        'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
        'query_string': urlparts.query,
        'method': request.method,
        'headers': dict(get_headers(request.environ)),
        'env': dict(get_environ(request.environ)),
    }
Example #19
0
    def get_data_from_request(self, request):
        try:
            from django.contrib.auth.models import AbstractBaseUser as BaseUser
        except ImportError:
            from django.contrib.auth.models import User as BaseUser  # NOQA

        result = {}

        if hasattr(request, 'user') and isinstance(request.user, BaseUser):
            result['sentry.interfaces.User'] = self.get_user_info(request.user)

        try:
            uri = request.build_absolute_uri()
        except SuspiciousOperation:
            # attempt to build a URL for reporting as Django won't allow us to
            # use get_host()
            if request.is_secure():
                scheme = 'https'
            else:
                scheme = 'http'
            host = get_host(request)
            uri = '%s://%s%s' % (scheme, host, request.path)

        if request.method != 'GET':
            try:
                data = request.body
            except:
                try:
                    data = request.raw_post_data and request.raw_post_data or request.POST
                except Exception:
                    # assume we had a partial read:
                    data = '<unavailable>'
        else:
            data = None

        environ = request.META

        result.update({
            'sentry.interfaces.Http': {
                'method': request.method,
                'url': uri,
                'query_string': request.META.get('QUERY_STRING'),
                'data': data,
                'cookies': dict(request.COOKIES),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        })

        return result
Example #20
0
def request2crashreporting(request):
    """
    Transform django/wsgi request object to a dict the crash reporting
    can understand.
    """
    data = {}
    # Pieces grabbed from raven.contrib.django.client
    try:
        uri = request.build_absolute_uri()
    except SuspiciousOperation:
        # attempt to build a URL for reporting as Django won't allow us to
        # use get_host()
        if request.is_secure():
            scheme = 'https'
        else:
            scheme = 'http'
        host = get_host(request)
        uri = '%s://%s%s' % (scheme, host, request.path)

    rdata = None
    if request.method not in ('GET', 'HEAD'):
        try:
            rdata = request.body
        except Exception:
            try:
                rdata = request.raw_post_data
            except Exception:
                # assume we had a partial read.
                try:
                    rdata = request.POST or '<unavailable>'
                except Exception:
                    rdata = '<unavailable>'
                else:
                    if isinstance(rdata, MultiValueDict):
                        rdata = dict(
                            (k, v[0] if len(v) == 1 else v)
                            for k, v in iter(rdata.lists()))


    data['request'] = {
        'method': request.method,
        'url': uri,
        'query_string': request.META.get('QUERY_STRING'),
        'data': rdata,
        'cookies': dict(request.COOKIES),
        'headers': dict(get_headers(request.META)),
        'env': dict(get_environ(request.META)),
    }
    return data
Example #21
0
 def handle_exception(self, environ):
     event_id = self.client.captureException(
         data={
             "sentry.interfaces.Http": {
                 "method": environ.get("REQUEST_METHOD"),
                 "url": get_current_url(environ, strip_querystring=True),
                 "query_string": environ.get("QUERY_STRING"),
                 # TODO
                 # 'data': environ.get('wsgi.input'),
                 "headers": dict(get_headers(environ)),
                 "env": dict(get_environ(environ)),
             }
         }
     )
     return event_id
Example #22
0
    def get_http_info(self, request):
        urlparts = _urlparse.urlsplit(request.url)

        try:
            formdata = request.form
        except ClientDisconnected:
            formdata = {}

        return {
            "url": "%s://%s%s" % (urlparts.scheme, urlparts.netloc, urlparts.path),
            "query_string": urlparts.query,
            "method": request.method,
            "data": formdata,
            "headers": dict(get_headers(request.environ)),
            "env": dict(get_environ(request.environ)),
        }
Example #23
0
    def get_http_info(self, request):
        urlparts = _urlparse.urlsplit(request.url)

        try:
            formdata = request.form
        except ClientDisconnected:
            formdata = {}

        return {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': formdata,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
Example #24
0
    def get_http_info(self, request):
        urlparts = _urlparse.urlsplit(request.url)

        try:
            formdata = request.form
        except ClientDisconnected:
            formdata = {}

        return {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': formdata,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
 def handle_exception(self, exc_info, environ):
     event_id = self.client.capture('Exception',
         exc_info=exc_info,
         data={
             'sentry.interfaces.Http': {
                 'method': environ.get('REQUEST_METHOD'),
                 'url': get_current_url(environ, strip_querystring=True),
                 'query_string': environ.get('QUERY_STRING'),
                 # TODO
                 # 'data': environ.get('wsgi.input'),
                 'headers': dict(get_headers(environ)),
                 'env': dict(get_environ(environ)),
             }
         },
     )
     return event_id
Example #26
0
def request2crashreporting(request):
    """
    Transform django/wsgi request object to a dict the crash reporting
    can understand.
    """
    data = {}
    # Pieces grabbed from raven.contrib.django.client
    try:
        uri = request.build_absolute_uri()
    except SuspiciousOperation:
        # attempt to build a URL for reporting as Django won't allow us to
        # use get_host()
        if request.is_secure():
            scheme = 'https'
        else:
            scheme = 'http'
        host = get_host(request)
        uri = '%s://%s%s' % (scheme, host, request.path)

    rdata = None
    if request.method not in ('GET', 'HEAD'):
        try:
            rdata = request.body
        except Exception:
            try:
                rdata = request.raw_post_data
            except Exception:
                # assume we had a partial read.
                try:
                    rdata = request.POST or '<unavailable>'
                except Exception:
                    rdata = '<unavailable>'
                else:
                    if isinstance(rdata, MultiValueDict):
                        rdata = dict((k, v[0] if len(v) == 1 else v)
                                     for k, v in iter(rdata.lists()))

    data['request'] = {
        'method': request.method,
        'url': uri,
        'query_string': request.META.get('QUERY_STRING'),
        'data': rdata,
        'cookies': dict(request.COOKIES),
        'headers': dict(get_headers(request.META)),
        'env': dict(get_environ(request.META)),
    }
    return data
Example #27
0
def get_raven_client(request):
    """Return the Raven client for reporting crashes to Sentry."""
    client = request.registry["raven.client"]
    client.http_context({
        'url': request.url,
        'method': request.method,
        'data': request.body,
        'query_string': request.query_string,
        'cookies': dict(request.cookies),
        'headers': dict(request.headers),
        'env': dict(get_environ(request.environ)),
    })
    client.user_context({
        'ip_address': request.client_addr,
    })
    request.add_finished_callback(lambda request: client.context.clear())
    return client
Example #28
0
    def get_data_from_request(self, request):

        result = {}

        if hasattr(request, 'user'):
            result['sentry.interfaces.User'] = self.get_user_info(request.user)

        try:
            uri = request.build_absolute_uri()
        except SuspiciousOperation:
            # attempt to build a URL for reporting as Django won't allow us to
            # use get_host()
            if request.is_secure():
                scheme = 'https'
            else:
                scheme = 'http'
            host = get_host(request)
            uri = '%s://%s%s' % (scheme, host, request.path)

        if request.method != 'GET':
            try:
                data = request.body
            except:
                try:
                    data = request.raw_post_data and request.raw_post_data or request.POST
                except Exception:
                    # assume we had a partial read:
                    data = '<unavailable>'
        else:
            data = None

        environ = request.META

        result.update({
            'sentry.interfaces.Http': {
                'method': request.method,
                'url': uri,
                'query_string': request.META.get('QUERY_STRING'),
                'data': data,
                'cookies': dict(request.COOKIES),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        })

        return result
Example #29
0
def get_data_from_request():
    return {
        'request': {
            'url':
            '%s://%s%s' %
            (web.ctx['protocol'], web.ctx['host'], web.ctx['path']),
            'query_string':
            web.ctx.query,
            'method':
            web.ctx.method,
            'data':
            web.data(),
            'headers':
            dict(get_headers(web.ctx.environ)),
            'env':
            dict(get_environ(web.ctx.environ))
        }
    }
Example #30
0
def get_data_from_request():
    """Returns request data extracted from web.ctx."""
    return {
        'sentry.interfaces.Http': {
            'url':
            '%s://%s%s' %
            (web.ctx['protocol'], web.ctx['host'], web.ctx['path']),
            'query_string':
            web.ctx.query,
            'method':
            web.ctx.method,
            'data':
            web.data(),
            'headers':
            dict(get_headers(web.ctx.environ)),
            'env':
            dict(get_environ(web.ctx.environ)),
        }
    }
Example #31
0
    def handle_exception(self, environ):
        event_id = self.client.captureException(
            data={
                'sentry.interfaces.Http': {
                    'method': environ.get('REQUEST_METHOD'),
                    'url': get_current_url(environ, strip_querystring=True),
                    'query_string': environ.get('QUERY_STRING'),
                    # TODO
                    # 'data': environ.get('wsgi.input'),
                    'headers': dict(get_headers(environ)),
                    'env': dict(get_environ(environ)),
                }
            },
            # Galaxy: add request id from environment if available
            extra={'request_id': environ.get('request_id', 'Unknown')})
        # Galaxy: store event_id in environment so we can show it to the user
        environ['sentry_event_id'] = event_id[0]

        return event_id
Example #32
0
def get_data_from_request(request):
    urlparts = urlparse.urlsplit(request.url)

    try:
        formdata = request.form
    except ClientDisconnected:
        formdata = {}

    return {
        'sentry.interfaces.Http': {
            'url':
            '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': formdata,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
    }
Example #33
0
    def get_http_info_with_retriever(self, request, retriever=None):
        """
        Exact method for getting http_info but with form data work around.
        """
        urlparts = _urlparse.urlsplit(request.url)

        try:
            data = retriever(request)
        except (ClientDisconnected, TypeError):
            data = {}

        return {
            "url": "%s://%s%s" % (urlparts.scheme, urlparts.netloc, urlparts.path),
            "query_string": urlparts.query,
            "method": request.method,
            "data": data,
            "headers": dict(get_headers(request.environ)),
            "env": dict(get_environ(request.environ)),
        }
Example #34
0
    def get_data_from_request(self, request):
        from django.contrib.auth.models import User, AnonymousUser

        result = {}

        if hasattr(request, 'user') and isinstance(request.user,
                                                   (User, AnonymousUser)):
            result['sentry.interfaces.User'] = self.get_user_info(request)

        try:
            uri = request.build_absolute_uri()
        except SuspiciousOperation:
            # Bail early if the URL has an invalid host
            return result

        if request.method != 'GET':
            if hasattr(request, 'body'):
                data = request.body
            else:
                try:
                    data = request.raw_post_data and request.raw_post_data or request.POST
                except Exception:
                    # assume we had a partial read:
                    data = '<unavailable>'
        else:
            data = None

        environ = request.META

        result.update({
            'sentry.interfaces.Http': {
                'method': request.method,
                'url': uri,
                'query_string': request.META.get('QUERY_STRING'),
                'data': data,
                'cookies': dict(request.COOKIES),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        })

        return result
Example #35
0
    def get_http_context(self, environ):
        from raven.utils.wsgi import get_current_url, get_headers, get_environ
        data = {
            'method': environ.get('REQUEST_METHOD'),
            'url': get_current_url(environ, strip_querystring=True),
            'query_string': environ.get('QUERY_STRING'),
            # TODO
            # 'data': environ.get('wsgi.input'),
            'headers': dict(get_headers(environ)),
            'env': dict(get_environ(environ)),
        }

        for k in environ.keys():
            try:
                if k not in data['env'] and environ.get(k):
                    data['env'][k.upper()] = str(environ.get(k))
            except:
                pass

        return data
Example #36
0
    def get_http_context(self, environ):
        from raven.utils.wsgi import get_current_url, get_headers, get_environ
        data = {
            'method': environ.get('REQUEST_METHOD'),
            'url': get_current_url(environ, strip_querystring=True),
            'query_string': environ.get('QUERY_STRING'),
            # TODO
            # 'data': environ.get('wsgi.input'),
            'headers': dict(get_headers(environ)),
            'env': dict(get_environ(environ)),
        }

        for k in environ.keys():
            try:
                if k not in data['env'] and environ.get(k):
                    data['env'][k.upper()] = str(environ.get(k))
            except:
                pass

        return data
Example #37
0
    def handle_exception(self, environ):
        headers = dict(get_headers(environ))
        # Authorization header for REMOTE_USER sites consists of a base64() of
        # their plaintext password. It is a security issue for this password to
        # be exposed to a third party system which may or may not be under
        # control of the same administrators as the local Authentication
        # system. E.g. university LDAP systems.
        if 'Authorization' in headers:
            # Redact so the administrator knows that a value is indeed present.
            headers['Authorization'] = 'redacted'
        # Passing cookies allows for impersonation of users (depending on
        # remote service) and can be considered a security risk as well. For
        # multiple services running alongside Galaxy on the same host, this
        # could allow a sentry user with access to logs to impersonate a user
        # on another service. In the case of services like Jupyter, this can be
        # a serious concern as that would allow for terminal access. Furthermore,
        # very little debugging information can be gained as a result of having
        # access to all of the users cookies (including Galaxy cookies)
        if 'Cookie' in headers:
            headers['Cookie'] = 'redacted'
        event_id = self.client.captureException(
            data={
                'sentry.interfaces.Http': {
                    'method': environ.get('REQUEST_METHOD'),
                    'url': get_current_url(environ, strip_querystring=True),
                    'query_string': environ.get('QUERY_STRING'),
                    # TODO
                    # 'data': environ.get('wsgi.input'),
                    'headers': headers,
                    'env': dict(get_environ(environ)),
                }
            },
            # Galaxy: add request id from environment if available
            extra={
                'request_id': environ.get('request_id', 'Unknown')
            }
        )
        # Galaxy: store event_id in environment so we can show it to the user
        environ['sentry_event_id'] = event_id

        return event_id
Example #38
0
    def handle_exception(self, environ):
        headers = dict(get_headers(environ))
        # Authorization header for REMOTE_USER sites consists of a base64() of
        # their plaintext password. It is a security issue for this password to
        # be exposed to a third party system which may or may not be under
        # control of the same administrators as the local Authentication
        # system. E.g. university LDAP systems.
        if 'Authorization' in headers:
            # Redact so the administrator knows that a value is indeed present.
            headers['Authorization'] = 'redacted'
        # Passing cookies allows for impersonation of users (depending on
        # remote service) and can be considered a security risk as well. For
        # multiple services running alongside Galaxy on the same host, this
        # could allow a sentry user with access to logs to impersonate a user
        # on another service. In the case of services like IPython, this can be
        # a serious concern as that would allow for terminal access. Furthermore,
        # very little debugging information can be gained as a result of having
        # access to all of the users cookies (including Galaxy cookies)
        if 'Cookie' in headers:
            headers['Cookie'] = 'redacted'
        event_id = self.client.captureException(
            data={
                'sentry.interfaces.Http': {
                    'method': environ.get('REQUEST_METHOD'),
                    'url': get_current_url(environ, strip_querystring=True),
                    'query_string': environ.get('QUERY_STRING'),
                    # TODO
                    # 'data': environ.get('wsgi.input'),
                    'headers': headers,
                    'env': dict(get_environ(environ)),
                }
            },
            # Galaxy: add request id from environment if available
            extra={
                'request_id': environ.get( 'request_id', 'Unknown' )
            }
        )
        # Galaxy: store event_id in environment so we can show it to the user
        environ['sentry_event_id'] = event_id[0]

        return event_id
Example #39
0
 def send_sentry(self, metadata, msg=None, data=None, **kwargs):
     from raven.utils.wsgi import get_current_url, get_environ, get_headers
     if data is None:
         data = {}
     if 'SENTRY_ID' in self.environ:
         data['event_id'] = self.environ['SENTRY_ID']
     # sentry displays these specific fields in a different way
     http_context = {
         'url': get_current_url(self.environ),
         # we don't use the sanitized version from metadata, we want the
         # real query string
         'query_string': self.environ.get('QUERY_STRING'),
         'method': metadata['method'],
         'headers': dict(get_headers(self.environ)),
         'env': dict(get_environ(self.environ)),
     }
     talisker.sentry.report_wsgi(http_context,
                                 exc_info=self.exc_info,
                                 msg=msg,
                                 data=data,
                                 **kwargs)
Example #40
0
    def get_data_from_request(self, request):
        result = {}
        user = getattr(request, 'user', None)
        if user is not None:
            user_info = self.get_user_info(user)
            if user_info:
                result['user'] = user_info
        try:
            uri = request.build_absolute_uri()
        except SuspiciousOperation:
            if request.is_secure():
                scheme = 'https'
            else:
                scheme = 'http'
            host = get_host(request)
            uri = '%s://%s%s' % (scheme, host, request.path)

        if request.method not in ('GET', 'HEAD'):
            try:
                data = request.body
            except Exception:
                try:
                    data = request.raw_post_data
                except Exception:
                    try:
                        data = request.POST or '<unavailable>'
                    except Exception:
                        data = '<unavailable>'

        else:
            data = None
        environ = request.META
        result.update({'request': {'method': request.method,
                     'url': uri,
                     'query_string': request.META.get('QUERY_STRING'),
                     'data': data,
                     'cookies': dict(request.COOKIES),
                     'headers': dict(get_headers(environ)),
                     'env': dict(get_environ(environ))}})
        return result
 def __call__(self, environ, start_response):
     try:
         return self._handle_request(environ, start_response)
     except (KeyboardInterrupt, SystemExit):
         raise
     except:
         if self.error_reporter:
             self.error_reporter.http_context({
                 'method':
                 environ.get('REQUEST_METHOD'),
                 'url':
                 get_current_url(environ, strip_querystring=True),
                 'query_string':
                 environ.get('QUERY_STRING'),
                 'headers':
                 dict(get_headers(environ)),
                 'env':
                 dict(get_environ(environ)),
             })
             self.error_reporter.captureException()
             self.error_reporter.context.clear()
         raise
Example #42
0
    def get_http_info_with_retriever(self, request, retriever=None):
        """
        Exact method for getting http_info but with form data work around.
        """
        if retriever is None:
            retriever = self.get_form_data

        urlparts = _urlparse.urlsplit(request.url)

        try:
            data = retriever(request)
        except ClientDisconnected:
            data = {}

        return {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': data,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
Example #43
0
    def report(self, traceback):
        environ = traceback.context.get('environ', {})
        data = {
            'sentry.interfaces.Http': {
                'method': environ.get('REQUEST_METHOD'),
                'url': get_current_url(environ, strip_querystring=True),
                'query_string': environ.get('QUERY_STRING'),
                # TODO
                # 'data': environ.get('wsgi.input'),
                'headers': dict(get_headers(environ)),
                'env': dict(get_environ(environ)),
            }
        }

        is_backlash_event = getattr(traceback.exc_value, 'backlash_event', False)
        if is_backlash_event:
            # Just a Stack Dump request from backlash
            self.client.captureMessage(traceback.exception, data=data,
                                       stack=traceback.frames)
        else:
            # This is a real crash
            self.client.captureException(exc_info=traceback.exc_info, data=data)
Example #44
0
    def handle_exception(self, environ):
        event_id = self.client.captureException(
            data={
                'sentry.interfaces.Http': {
                    'method': environ.get('REQUEST_METHOD'),
                    'url': get_current_url(environ, strip_querystring=True),
                    'query_string': environ.get('QUERY_STRING'),
                    # TODO
                    # 'data': environ.get('wsgi.input'),
                    'headers': dict(get_headers(environ)),
                    'env': dict(get_environ(environ)),
                }
            },
            # Galaxy: add request id from environment if available
            extra={
                'request_id': environ.get( 'request_id', 'Unknown' )
            }
        )
        # Galaxy: store event_id in environment so we can show it to the user
        environ['sentry_event_id'] = event_id[0]

        return event_id
Example #45
0
def get_data_from_request(request):
    urlparts = urlparse.urlsplit(request.url)

    try:
        form_dict = request.forms.dict
        # we only are about the most recent one
        formdata = dict([(k, form_dict[k][-1]) for k in form_dict])
    except Exception:
        formdata = {}

    data = {
        'request': {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': formdata,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
    }

    return data
Example #46
0
def get_data_from_request(request):
    urlparts = urlparse.urlsplit(request.url)

    try:
        form_dict = request.forms.dict
        # we only are about the most recent one
        formdata = dict([(k, form_dict[k][-1]) for k in form_dict])
    except Exception:
        formdata = {}

    data = {
        'sentry.interfaces.Http': {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': formdata,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
    }

    return data
Example #47
0
    def get_data(self, data, **kwargs):
        if 'sentry.interfaces.Http' in data or not has_request_context():
            return
        environ = request.environ
        headers = dict(request.headers)
        guru_key = getattr(request, 'guru_id_header', None)
        if guru_key and guru_key not in headers:
            headers[guru_key] = getattr(request, 'guru_id', None)

        request_data = {
            'sentry.interfaces.Http': {
                'method': environ.get('REQUEST_METHOD'),
                'url': get_current_url(environ, strip_querystring=True),
                'query_string': environ.get('QUERY_STRING'),
                # TODO
                # 'data': environ.get('wsgi.input'),
                'headers': headers,
                'env': dict(get_environ(environ)),
                'form': dict(request.form),
            }
        }
        data.update(request_data)
Example #48
0
    def get_http_info_with_retriever(self, request, retriever=None):
        """
        Exact method for getting http_info but with form data work around.
        """
        if retriever is None:
            retriever = self.get_form_data

        urlparts = urlparse.urlsplit(request.url)

        try:
            data = retriever(request)
        except ClientDisconnected:
            data = {}

        return {
            'url': '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': data,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
Example #49
0
def get_data_from_request(request):
    try:
        from flask.globals import _request_ctx_stack
    except ImportError:
        pass
    else:
        if not _request_ctx_stack.top:
            return {}

    urlparts = _urlparse.urlsplit(request.url)

    try:
        formdata = request.form
    except ClientDisconnected:
        formdata = {}

    data = {
        'sentry.interfaces.Http': {
            'url':
            '%s://%s%s' % (urlparts.scheme, urlparts.netloc, urlparts.path),
            'query_string': urlparts.query,
            'method': request.method,
            'data': formdata,
            'headers': dict(get_headers(request.environ)),
            'env': dict(get_environ(request.environ)),
        }
    }
    try:
        user_data = get_user_info(request)
    except Exception as e:
        logger.exception(e)
    else:
        if user_data:
            data['sentry.interfaces.User'] = user_data

    return data
Example #50
0
 def test_hides_wsgi_input(self):
     result = list(get_environ({'wsgi.input': 'foo'}))
     self.assertNotIn('wsgi.input', result)
Example #51
0
 def test_has_server_port(self):
     result = dict(get_environ({'SERVER_PORT': 80}))
     self.assertIn('SERVER_PORT', result)
     self.assertEquals(result['SERVER_PORT'], 80)
Example #52
0
 def test_has_server_name(self):
     result = dict(get_environ({'SERVER_NAME': '127.0.0.1'}))
     self.assertIn('SERVER_NAME', result)
     self.assertEquals(result['SERVER_NAME'], '127.0.0.1')
Example #53
0
 def test_has_remote_addr(self):
     result = dict(get_environ({'REMOTE_ADDR': '127.0.0.1'}))
     self.assertIn('REMOTE_ADDR', result)
     self.assertEquals(result['REMOTE_ADDR'], '127.0.0.1')