Permalink
Browse files

RT#64492: add 'include_session' option and accompanying output

  • Loading branch information...
1 parent cf5f033 commit c10c980755d4406527561a85f5f05f1032621103 Chisel Wright committed Jan 11, 2011
Showing with 118 additions and 9 deletions.
  1. +1 −0 Changes
  2. +4 −1 dist.ini
  3. +34 −6 lib/Catalyst/Plugin/ErrorCatcher.pm
  4. +16 −0 t/04.trace.t
  5. +1 −1 t/05.emit.email.t
  6. +41 −0 t/08.report.session.t
  7. +5 −1 t/lib/TestApp.pm
  8. +16 −0 t/lib/testapp-session.conf
View
@@ -3,6 +3,7 @@ This file documents the revision history for Catalyst::Plugin::ErrorCatcher
{{$NEXT}}
- RT#60483: specify minimum versions for plugins
to force the earliest MRO::Compat version
+ - RT#64492: add 'include_session' option and accompanying output
0.0.8.5 2011-01-04 22:56:54 Europe/London
- Make file/path munging behave more sensibly
View
@@ -1,5 +1,5 @@
name = Catalyst-Plugin-ErrorCatcher
-version = 0.0.8.5
+version = 0.0.8.6
author = Chisel Wright <chisel@chizography.net>
license = Perl_5
copyright_holder = Chisel Wright
@@ -44,6 +44,9 @@ MRO::Compat = 0
Path::Class = 0
Sys::Hostname = 0
Config::General = 0
+Catalyst::Plugin::Session = 0
+Catalyst::Plugin::Session::Store::File = 0
+Catalyst::Plugin::Session::State::Cookie = 0
; https://rt.cpan.org/Ticket/Display.html?id=60483
; earliest version requiring MRO::Compat instead of NEXT
Catalyst::Plugin::StackTrace = 0.10
@@ -27,9 +27,10 @@ sub setup {
my $config = $c->config->{'Plugin::ErrorCatcher'} || {};
# set some defaults
- $config->{context} ||= 4;
- $config->{verbose} ||= 0;
- $config->{always_log} ||= 0;
+ $config->{context} ||= 4;
+ $config->{verbose} ||= 0;
+ $config->{always_log} ||= 0;
+ $config->{include_session} ||= 0;
# start with an empty hash
$c->_errorcatcher_emitter_of({});
@@ -385,6 +386,21 @@ sub _prepare_message {
$feedback .= "\nStack trace unavailable - use and enable Catalyst::Plugin::StackTrace\n";
}
+ # RT-64492 - add session data if requested
+ if (
+ $c->_errorcatcher_cfg->{include_session}
+ and defined $c->session
+ ) {
+ eval { require Data::Dump };
+ if (my $e=$@) {
+ $feedback .= "\nSession data requested but failed to require Data::Dump:\n";
+ $feedback .= " $e\n"
+ }
+ else {
+ $feedback .= "\nSession Data:\n" . Data::Dump::pp($c->session) . "\n";
+ }
+ }
+
# in case we bugger up the s/// on the original error message
if ($full_error) {
$feedback .= "\nOriginal Error:\n\n$full_error";
@@ -470,9 +486,10 @@ L<Catalyst::Plugin::StackTrace> plugin.
The plugin is configured in a similar manner to other Catalyst plugins:
<Plugin::ErrorCatcher>
- enable 1
- context 5
- always_log 0
+ enable 1
+ context 5
+ always_log 0
+ include_session 0
emit_module A::Module
</Plugin::ErrorCatcher>
@@ -516,6 +533,17 @@ suppress the I<info> log message if one or more of them succeeded.
If you wish to log the information, via C<$c-E<gt>log()> then set this value
to 1.
+=item B<include_session>
+
+The default behaviour is to suppress potentially sensitive and revealing
+session-data in the error report.
+
+If you feel that this information is useful in your investigations set the
+value to I<true>.
+
+When set to 1 the report will include a C<Data::Dump::pp()> representation of
+the request's session.
+
=back
=head1 STACKTRACE IN REPORTS WHEN NOT RUNNING IN DEBUG MODE
View
@@ -130,5 +130,21 @@ TestApp->config->{"Plugin::ErrorCatcher"}{enable} = 1;
);
}
+# RT-64492 - check no session data in default report
+TestApp->config->{stacktrace}{enable} = 1;
+TestApp->config->{"Plugin::ErrorCatcher"}{enable} = 1;
+{
+ ok( my ($res,$c) = ctx_request('http://localhost/foo/not_ok'), 'request ok' );
+ my $ec_msg;
+ eval{ $ec_msg = $c->_errorcatcher_msg };
+ ok( defined $ec_msg, 'parsed error message ok' );
+ foreach my $session_key (qw/__created __updated/) {
+ unlike(
+ $ec_msg,
+ qr{__created},
+ "no instances of '$session_key' in report"
+ );
+ }
+}
done_testing;
View
@@ -94,7 +94,7 @@ use Catalyst::Test 'TestApp';
{ sub => 'Line: %l', res => qq{Line: 30} },
{ sub => 'File: %F', res => qq{File: TestApp/Controller/Foo.pm} },
{ sub => 'Package: %p', res => qq{Package: TestApp::Controller::Foo} },
- { sub => 'Version: %V', res => qq{Version: v0.0.2} },
+ { sub => 'Version: %V', res => qq{Version: v0.0.3} },
{ sub => 'Name: %n', res => qq{Name: TestApp} },
);
View
@@ -0,0 +1,41 @@
+#!perl
+# vim: ts=8 sts=4 et sw=4 sr sta
+use strict;
+use warnings;
+
+BEGIN {
+ use FindBin::libs;
+}
+
+use Test::More 0.92;
+use Sys::Hostname;
+
+BEGIN {
+ $ENV{ TESTAPP_CONFIG } = "$FindBin::Bin/lib/testapp-session.conf";
+}
+
+use Catalyst::Test 'TestApp';
+
+# RT-64492 - check no session data in default report
+TestApp->config->{stacktrace}{enable} = 1;
+TestApp->config->{"Plugin::ErrorCatcher"}{enable} = 1;
+{
+ my ($res,$c);
+
+ ok( ($res,$c) = ctx_request('http://localhost/foo/ok'), 'request ok' );
+ ok( ($res,$c) = ctx_request('http://localhost/foo/not_ok'), 'request ok' );
+ my $ec_msg;
+ eval{ $ec_msg = $c->_errorcatcher_msg };
+ ok( defined $ec_msg, 'parsed error message ok' );
+ foreach my $session_key (qw/__created __updated/) {
+ like(
+ $ec_msg,
+ qr{__created},
+ "found instances of '$session_key' in report"
+ );
+ }
+}
+
+
+
+done_testing;
View
@@ -4,7 +4,7 @@ use strict;
use warnings;
use Catalyst;
-our $VERSION = '0.0.2';
+our $VERSION = '0.0.3';
# hide debug output at startup
{
@@ -51,6 +51,10 @@ TestApp->setup(
ErrorCatcher
ConfigLoader
Authentication
+
+ Session
+ Session::Store::File
+ Session::State::Cookie
>
);
View
@@ -0,0 +1,16 @@
+<Plugin::ErrorCatcher>
+ # ...
+ include_session 1
+
+ emit_module Catalyst::Plugin::ErrorCatcher::Email
+</Plugin::ErrorCatcher>
+
+<Plugin::ErrorCatcher::Email>
+ to address@example.com
+
+ # defaults to the To: address
+ from another@example.com
+
+ # defaults to "Error Report For <AppName>"
+ subject Alternative Subject Line
+</Plugin::ErrorCatcher::Email>

0 comments on commit c10c980

Please sign in to comment.