cloudfront-rails 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.travis.yml +3 -2
- data/CONTRIBUTING.md +11 -0
- data/README.md +1 -2
- data/cloudfront-rails.gemspec +1 -3
- data/gemfiles/Gemfile-4.x +5 -0
- data/gemfiles/Gemfile-5.x +5 -0
- data/lib/cloudfront/rails.rb +5 -0
- data/lib/cloudfront/rails/importer.rb +47 -0
- data/lib/cloudfront/rails/importer/response_error.rb +12 -0
- data/lib/cloudfront/rails/railtie.rb +5 -46
- data/lib/cloudfront/rails/version.rb +1 -1
- metadata +12 -35
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e30b0bb4a44345937f2986776c042412d0a8e1e3
|
4
|
+
data.tar.gz: 97bd443050d29199c36c7fa4d7a6028e58a19e73
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3b3d4634990288efd052dec24cfed2ab94023923cdf633e457d4e591c1ebc674fb60f8328f9344f644d9e0d1450b0a5a05aefe60bde253871753cb1246d7c4c4
|
7
|
+
data.tar.gz: 05ca80e7d87e5a68fbec61ce837a1651a826173d1e4e6d21489fc3a435e7816b2b0ad74f6e177b31f701b07bcd3a863531c1e1a3cf579cdd7c7a06f5b6846141
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
data/CONTRIBUTING.md
ADDED
data/README.md
CHANGED
@@ -6,7 +6,7 @@ This Gem is a shameless copy of [cloudflare-rails](https://github.com/modosc/clo
|
|
6
6
|
|
7
7
|
## Installation
|
8
8
|
|
9
|
-
__This gem
|
9
|
+
__This gem supports Rails 4 and 5__
|
10
10
|
|
11
11
|
Add this line to your application's Gemfile:
|
12
12
|
|
@@ -49,4 +49,3 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/dinks/
|
|
49
49
|
## License
|
50
50
|
|
51
51
|
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
|
52
|
-
|
data/cloudfront-rails.gemspec
CHANGED
@@ -20,12 +20,10 @@ Gem::Specification.new do |spec|
|
|
20
20
|
spec.add_development_dependency "bundler", "~> 1.12"
|
21
21
|
spec.add_development_dependency "rake", "~> 10.0"
|
22
22
|
spec.add_development_dependency "rspec", "~> 3.0"
|
23
|
-
spec.add_development_dependency "rspec-rails"
|
24
23
|
|
25
24
|
spec.add_development_dependency "webmock"
|
26
25
|
|
27
|
-
spec.add_dependency "
|
28
|
-
spec.add_dependency "httparty", ">= 0.13.7"
|
26
|
+
spec.add_dependency "railties", "> 4.0"
|
29
27
|
|
30
28
|
spec.required_ruby_version = ">= 2.0"
|
31
29
|
end
|
data/lib/cloudfront/rails.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
require "rails"
|
2
|
+
require "net/http"
|
3
|
+
|
1
4
|
require "cloudfront/rails/version"
|
2
5
|
|
3
6
|
module Cloudfront
|
@@ -6,4 +9,6 @@ module Cloudfront
|
|
6
9
|
end
|
7
10
|
end
|
8
11
|
|
12
|
+
require "cloudfront/rails/importer"
|
13
|
+
require "cloudfront/rails/importer/response_error"
|
9
14
|
require "cloudfront/rails/railtie"
|
@@ -0,0 +1,47 @@
|
|
1
|
+
module Cloudfront
|
2
|
+
module Rails
|
3
|
+
class Importer
|
4
|
+
class << self
|
5
|
+
def fetch
|
6
|
+
uri = URI("https://ip-ranges.amazonaws.com/ip-ranges.json")
|
7
|
+
response = Net::HTTP.start(uri.host,
|
8
|
+
uri.port,
|
9
|
+
use_ssl: uri.scheme == 'https',
|
10
|
+
open_timeout: ::Rails.application.config.cloudfront.timeout,
|
11
|
+
read_timeout: ::Rails.application.config.cloudfront.timeout,
|
12
|
+
ssl_timeout: ::Rails.application.config.cloudfront.timeout
|
13
|
+
) do |http|
|
14
|
+
http.request(Net::HTTP::Get.new(uri))
|
15
|
+
end
|
16
|
+
|
17
|
+
case response
|
18
|
+
when Net::HTTPSuccess
|
19
|
+
json = ActiveSupport::JSON.decode response.body
|
20
|
+
|
21
|
+
trusted_ipv4_proxies = json["prefixes"].select do |details|
|
22
|
+
details["service"] == 'CLOUDFRONT'
|
23
|
+
end.map do |details|
|
24
|
+
IPAddr.new(details["ip_prefix"])
|
25
|
+
end
|
26
|
+
|
27
|
+
trusted_ipv6_proxies = json["ipv6_prefixes"].select do |details|
|
28
|
+
details["service"] == 'CLOUDFRONT'
|
29
|
+
end.map do |details|
|
30
|
+
IPAddr.new(details["ipv6_prefix"])
|
31
|
+
end
|
32
|
+
|
33
|
+
trusted_ipv4_proxies + trusted_ipv6_proxies
|
34
|
+
else
|
35
|
+
raise ResponseError.new(response)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
def fetch_with_cache
|
39
|
+
::Rails.cache.fetch("cloudfront-rails-ips",
|
40
|
+
expires_in: ::Rails.application.config.cloudfront.expires_in) do
|
41
|
+
self.fetch
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -1,5 +1,3 @@
|
|
1
|
-
require "httparty"
|
2
|
-
|
3
1
|
module Cloudfront
|
4
2
|
module Rails
|
5
3
|
class Railtie < ::Rails::Railtie
|
@@ -10,7 +8,11 @@ module Cloudfront
|
|
10
8
|
end
|
11
9
|
end
|
12
10
|
|
13
|
-
|
11
|
+
if ::Rails.version.start_with? '4.'
|
12
|
+
Rack::Request.prepend CheckTrustedProxies
|
13
|
+
else
|
14
|
+
Rack::Request::Helpers.prepend CheckTrustedProxies
|
15
|
+
end
|
14
16
|
|
15
17
|
module RemoteIpProxies
|
16
18
|
def proxies
|
@@ -20,49 +22,6 @@ module Cloudfront
|
|
20
22
|
|
21
23
|
ActionDispatch::RemoteIp.prepend RemoteIpProxies
|
22
24
|
|
23
|
-
class Importer
|
24
|
-
include HTTParty
|
25
|
-
|
26
|
-
base_uri "https://ip-ranges.amazonaws.com"
|
27
|
-
follow_redirects true
|
28
|
-
default_options.update(verify: true)
|
29
|
-
|
30
|
-
class ResponseError < HTTParty::ResponseError; end
|
31
|
-
|
32
|
-
class << self
|
33
|
-
def fetch
|
34
|
-
resp = get "/ip-ranges.json", timeout: ::Rails.application.config.cloudfront.timeout
|
35
|
-
|
36
|
-
if resp.success?
|
37
|
-
json = ActiveSupport::JSON.decode resp.body
|
38
|
-
|
39
|
-
trusted_ipv4_proxies = json["prefixes"].select do |details|
|
40
|
-
details["service"] == 'CLOUDFRONT'
|
41
|
-
end.map do |details|
|
42
|
-
IPAddr.new(details["ip_prefix"])
|
43
|
-
end
|
44
|
-
|
45
|
-
trusted_ipv6_proxies = json["ipv6_prefixes"].select do |details|
|
46
|
-
details["service"] == 'CLOUDFRONT'
|
47
|
-
end.map do |details|
|
48
|
-
IPAddr.new(details["ipv6_prefix"])
|
49
|
-
end
|
50
|
-
|
51
|
-
trusted_ipv4_proxies + trusted_ipv6_proxies
|
52
|
-
else
|
53
|
-
raise ResponseError.new(resp.response)
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
|
-
def fetch_with_cache
|
58
|
-
::Rails.cache.fetch("cloudfront-rails-ips",
|
59
|
-
expires_in: ::Rails.application.config.cloudfront.expires_in) do
|
60
|
-
self.fetch
|
61
|
-
end
|
62
|
-
end
|
63
|
-
end
|
64
|
-
end
|
65
|
-
|
66
25
|
CLOUDFRONT_DEFAULTS = {
|
67
26
|
expires_in: 12.hours,
|
68
27
|
timeout: 5.seconds,
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cloudfront-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dinesh V
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-07-
|
11
|
+
date: 2018-07-31 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -52,20 +52,6 @@ dependencies:
|
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '3.0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: rspec-rails
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - ">="
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '0'
|
62
|
-
type: :development
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - ">="
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '0'
|
69
55
|
- !ruby/object:Gem::Dependency
|
70
56
|
name: webmock
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -81,33 +67,19 @@ dependencies:
|
|
81
67
|
- !ruby/object:Gem::Version
|
82
68
|
version: '0'
|
83
69
|
- !ruby/object:Gem::Dependency
|
84
|
-
name:
|
70
|
+
name: railties
|
85
71
|
requirement: !ruby/object:Gem::Requirement
|
86
72
|
requirements:
|
87
|
-
- - "
|
73
|
+
- - ">"
|
88
74
|
- !ruby/object:Gem::Version
|
89
|
-
version: '
|
75
|
+
version: '4.0'
|
90
76
|
type: :runtime
|
91
77
|
prerelease: false
|
92
78
|
version_requirements: !ruby/object:Gem::Requirement
|
93
79
|
requirements:
|
94
|
-
- - "
|
95
|
-
- !ruby/object:Gem::Version
|
96
|
-
version: '5.0'
|
97
|
-
- !ruby/object:Gem::Dependency
|
98
|
-
name: httparty
|
99
|
-
requirement: !ruby/object:Gem::Requirement
|
100
|
-
requirements:
|
101
|
-
- - ">="
|
102
|
-
- !ruby/object:Gem::Version
|
103
|
-
version: 0.13.7
|
104
|
-
type: :runtime
|
105
|
-
prerelease: false
|
106
|
-
version_requirements: !ruby/object:Gem::Requirement
|
107
|
-
requirements:
|
108
|
-
- - ">="
|
80
|
+
- - ">"
|
109
81
|
- !ruby/object:Gem::Version
|
110
|
-
version: 0
|
82
|
+
version: '4.0'
|
111
83
|
description: " Whitelist Cloudfront Proxies for Rails so that request.ip and request.remote_ip
|
112
84
|
work properly "
|
113
85
|
email:
|
@@ -120,6 +92,7 @@ files:
|
|
120
92
|
- ".rspec"
|
121
93
|
- ".travis.yml"
|
122
94
|
- CODE_OF_CONDUCT.md
|
95
|
+
- CONTRIBUTING.md
|
123
96
|
- Gemfile
|
124
97
|
- LICENSE.txt
|
125
98
|
- README.md
|
@@ -127,7 +100,11 @@ files:
|
|
127
100
|
- bin/console
|
128
101
|
- bin/setup
|
129
102
|
- cloudfront-rails.gemspec
|
103
|
+
- gemfiles/Gemfile-4.x
|
104
|
+
- gemfiles/Gemfile-5.x
|
130
105
|
- lib/cloudfront/rails.rb
|
106
|
+
- lib/cloudfront/rails/importer.rb
|
107
|
+
- lib/cloudfront/rails/importer/response_error.rb
|
131
108
|
- lib/cloudfront/rails/railtie.rb
|
132
109
|
- lib/cloudfront/rails/version.rb
|
133
110
|
homepage: https://github.com/dinks/cloudfront-rails/
|