aikido-zen 1.0.4 → 1.0.5
- checksums.yaml +4 -4
- data/docs/config.md +9 -0
- data/lib/aikido/zen/config.rb +7 -0
- data/lib/aikido/zen/rails_engine.rb +14 -6
- data/lib/aikido/zen/version.rb +1 -1
- metadata +2 -2
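--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 052d01f51eb0f34c08a07ba96d66f8e31e003c80014b832093ce5cdb5e651fb8
+data.tar.gz: 0c4840278e6628eacc85c0202be103e4e61db7353081f241be716cea0decd1b3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d2a5c9158588d96494c090315aa0a2bcddf6a51165ece7cc8585d7ec3ee58d09c5b36e52cf7a905323598f362e00417dfee018245fc5edb9a981b40ff728265d
+data.tar.gz: 20245af9becf214d9c648446242fdf38a345785c153d28e65605ec97b5b90b51ea1cd6e7bbbf4b9a82ae426f4663a6549e596394ef5a8a2714f84ca3d0ee89d6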
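--- a/data/docs/config.md
+++ b/data/docs/config.md
@@ -5,6 +5,15 @@ changing values on the `Aikido::Zen.config` object, which you can do from
 your app's startup file (like an initializer in Rails, or `config.ru` in
 other Rack-based apps).
 
+## Middleware insertion
+
+By default, the Zen middleware is inserted after `ActionDispatch::Executor`.
+You can change this by setting `Aikido::Zen.config.insert_middleware_after`
+to a Rack middleware class or index.
+
+When set to `nil`, the middleware is inserted before the first middleware in
+the then-current middleware stack.
+
 ## Disable Zen
 
 In order to fully turn off Zen and prevent it from intercepting any requests or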
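--- a/data/lib/aikido/zen/config.rb
+++ b/data/lib/aikido/zen/config.rb
@@ -8,6 +8,12 @@ require_relative "context"
 
 module Aikido::Zen
 class Config
+# @return [Class, Integer, nil] The Rack middleware class or index after which
+# the Zen middleware should be inserted. When set to nil, the middleware is
+# inserted before the first middleware in the then-current middleware stack.
+# Defaults to ::ActionDispatch::Executor.
+attr_accessor :insert_middleware_after
+
 # @return [Boolean] whether Aikido should be turned completely off (no
 # intercepting calls to protect the app, no agent process running, no
 # middleware installed). Defaults to false (so, enabled). Can be set
@@ -178,6 +184,7 @@ module Aikido::Zen
 attr_accessor :attack_wave_max_cache_entries
 
 def initialize
+self.insert_middleware_after = ::ActionDispatch::Executor
 self.disabled = read_boolean_from_env(ENV.fetch("AIKIDO_DISABLE", false)) || read_boolean_from_env(ENV.fetch("AIKIDO_DISABLED", false))
 self.blocking_mode = read_boolean_from_env(ENV.fetch("AIKIDO_BLOCK", false))
 self.api_timeouts = 10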
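Review bot: `Config#initialize` now evaluates `::ActionDispatch::Executor` unconditionally, so constructing the config in a process where Action Pack is not loaded would raise `NameError` before any protection is set up. The docs in this same release describe configuring Zen from `config.ru` in other Rack-based apps, which suggests that path exists, although the hunk does not show whether something else loads the constant first. Resolving the default only when the constant is defined keeps the Rails behaviour and leaves other apps bootable: `self.insert_middleware_after = defined?(::ActionDispatch::Executor) ? ::ActionDispatch::Executor : nil`. The body of `initialize` continues past the end of the hunk.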
|
@@ -10,10 +10,10 @@ module Aikido::Zen
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
initializer "aikido.add_middleware", after: :load_config_initializers do |app|
|
|
13
|
-
# The
|
|
14
|
-
# middleware
|
|
15
|
-
|
|
16
|
-
|
|
13
|
+
# The Zen middleware is inserted in order as a block after the configured
|
|
14
|
+
# middleware anchor point.
|
|
15
|
+
|
|
16
|
+
middleware_block = [
|
|
17
17
|
Aikido::Zen::Middleware::ForkDetector,
|
|
18
18
|
Aikido::Zen::Middleware::ContextSetter,
|
|
19
19
|
Aikido::Zen::Middleware::AllowedAddressChecker,
|
|
@@ -24,8 +24,16 @@ module Aikido::Zen
|
|
|
24
24
|
Aikido::Zen::Middleware::RequestTracker
|
|
25
25
|
]
|
|
26
26
|
|
|
27
|
-
|
|
28
|
-
|
|
27
|
+
middleware_anchor = Aikido::Zen.config.insert_middleware_after
|
|
28
|
+
|
|
29
|
+
if middleware_anchor.nil?
|
|
30
|
+
app.middleware.insert_before 0, middleware_block.first
|
|
31
|
+
else
|
|
32
|
+
app.middleware.insert_after middleware_anchor, middleware_block.first
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
middleware_block.each_cons(2) do |existing_middleware, middleware|
|
|
36
|
+
app.middleware.insert_after(existing_middleware, middleware)
|
|
29
37
|
end
|
|
30
38
|
|
|
31
39
|
ActiveSupport.on_load(:action_controller) do
|
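Review bot: The value read at `middleware_anchor = Aikido::Zen.config.insert_middleware_after` decides how much of the stack runs ahead of Zen, and the new comment above `middleware_block` does not say so. Every middleware positioned before the anchor handles the request before `ContextSetter` and `AllowedAddressChecker` do (inferred from their names and their order in the array), so an anchor set late in the stack reduces what Zen observes and can block. I would extend the comment with `# Middleware ahead of the anchor run before Zen sees the request; keep the anchor as early in the stack as the app allows.` and repeat that caveat in the `@return` doc of `insert_middleware_after`. The initializer block begins before the first hunk and the file continues after the second.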
data/lib/aikido/zen/version.rb
CHANGED
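--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aikido-zen
 version: !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.5
 platform: ruby
 authors:
 - Aikido Security
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-12-
+date: 2025-12-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: concurrent-ruby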