apache_secure_download 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- data/ChangeLog +4 -0
- data/README +1 -1
- data/lib/apache/secure_download/version.rb +1 -1
- data/lib/apache/secure_download.rb +1 -1
- data/spec/apache/secure_download_spec.rb +13 -4
- metadata +4 -4
data/ChangeLog
CHANGED
data/README
CHANGED
@@ -53,7 +53,7 @@ module Apache
|
|
53
53
|
# If either condition doesn't hold true, access to the requested resource
|
54
54
|
# is denied!
|
55
55
|
def check_access(request)
|
56
|
-
timestamp, token = Util.split(request.param(Util::TOKEN_KEY))
|
56
|
+
timestamp, token = Util.split(request.param(Util::TOKEN_KEY) || '')
|
57
57
|
|
58
58
|
# Remove timestamp and token from query args
|
59
59
|
request.args &&= Util.real_query(request.args)
|
@@ -78,6 +78,11 @@ describe Apache::SecureDownload do
|
|
78
78
|
@handler = @class.new(@secret)
|
79
79
|
end
|
80
80
|
|
81
|
+
it "should be forbidden without _asd parameter" do
|
82
|
+
mock_request(false)
|
83
|
+
@handler.check_access(@request).should == Apache::FORBIDDEN
|
84
|
+
end
|
85
|
+
|
81
86
|
shared_examples "normally" do
|
82
87
|
|
83
88
|
it_should_be_allowed "with correct secret"
|
@@ -237,11 +242,15 @@ describe Apache::SecureDownload do
|
|
237
242
|
|
238
243
|
end
|
239
244
|
|
240
|
-
def mock_request
|
241
|
-
|
245
|
+
def mock_request(have_asd = true)
|
246
|
+
if have_asd
|
247
|
+
_asd = "#{'%010x' % @timestamp}#{@token}"
|
242
248
|
|
243
|
-
|
244
|
-
|
249
|
+
args = "_asd=#{_asd}"
|
250
|
+
args = "#{@args}&#{args}" if @args
|
251
|
+
else
|
252
|
+
args = "#{@args}"
|
253
|
+
end
|
245
254
|
|
246
255
|
clean_args = @class::Util.real_query(args)
|
247
256
|
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apache_secure_download
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 21
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 0
|
8
8
|
- 2
|
9
|
-
-
|
10
|
-
version: 0.2.
|
9
|
+
- 1
|
10
|
+
version: 0.2.1
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Jens Wille
|
@@ -47,7 +47,7 @@ licenses: []
|
|
47
47
|
post_install_message:
|
48
48
|
rdoc_options:
|
49
49
|
- --title
|
50
|
-
- apache_secure_download Application documentation (v0.2.
|
50
|
+
- apache_secure_download Application documentation (v0.2.1)
|
51
51
|
- --line-numbers
|
52
52
|
- --main
|
53
53
|
- README
|