firewall_constraint 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/firewall_constraint.rb +5 -1
  3. data/lib/firewall_constraint/version.rb +1 -1
  4. data/spec/requests/dummy_controller_spec.rb +17 -7
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 502e9d611ee75a4ff89fec91897d9a87a85fb7f6
4
- data.tar.gz: 79dd258d71e248fc4eb5ffe37965ca9dab1b2d3b
3
+ metadata.gz: 786a5e354a3b127d518c2cd08b4b4e012200a8e5
4
+ data.tar.gz: 6fac23e20cb5f56ccf5dcb95f5bafb1ed949b758
5
5
  SHA512:
6
- metadata.gz: 3594f8cce23a0db8275ee5715baa423097bf2eb0c489b4213b998cc90aed7641d5bec1daa40aa18b5838d32d1d29840465ef2bc8d4fcd4437546815c75283648
7
- data.tar.gz: caf17eb249c6ab734ee0e0acb820b076fcec102136697cdddfe8e592fc9e6056c1b292702b01e6f0a99e875707aa06280de6e852b8ffa8fc5c4ea92c1c8cc3ab
6
+ metadata.gz: a48dfa6057c90b4a28b5ed25e2b5e0ebc398c80df625b1366a8596d2bcf9cc27bf84ec41e4e5aca708ac6a9b0008df0a20400145d2a0003eec61478b1aa9e678
7
+ data.tar.gz: 79bf725b17d5eb602d4c7a215fc91e1df6107d36d6fd793263775c12e3f285f9c7a0e8d7f837d68e1288383b2e2fb990a973d0c8aff3139a5a2e101265065371
data/lib/firewall_constraint.rb CHANGED
@@ -13,9 +13,13 @@ module FirewallConstraint
13
13
  end
14
14
  end
15
15
 
16
+ def requestor_ip(request)
17
+ request.env["HTTP_X_FORWARDED_FOR"] ? request.env["HTTP_X_FORWARDED_FOR"].split(/, /).first : request.remote_ip
18
+ end
19
+
16
20
  def matches?(request)
17
21
  return true if parsed_ips.empty?
18
- client_ip = IPAddress::parse(request.env["HTTP_X_FORWARDED_FOR"] ? request.env["HTTP_X_FORWARDED_FOR"] : request.remote_ip)
22
+ client_ip = IPAddress::parse requestor_ip(request)
19
23
  parsed_ips.each do |ip|
20
24
  begin
21
25
  return true if ip.include?(client_ip)
data/lib/firewall_constraint/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module FirewallConstraint
2
- VERSION = "0.1.2"
2
+ VERSION = "0.1.3"
3
3
  end
data/spec/requests/dummy_controller_spec.rb CHANGED
@@ -7,7 +7,7 @@ describe "DummyController", type: :request do
7
7
  end
8
8
 
9
9
  it 'should get dynamic constraint' do
10
- get root_path, nil, "REMOTE_ADDR" => "127.0.0.1"
10
+ get root_path
11
11
  open_session do |sess|
12
12
  sess.remote_addr = '127.0.0.1'
13
13
  get '/dummy/blocked_by_dynamic'
@@ -16,7 +16,7 @@ describe "DummyController", type: :request do
16
16
  end
17
17
 
18
18
  it 'should get procced constraint' do
19
- get root_path, nil, "REMOTE_ADDR" => "127.0.0.1"
19
+ get root_path
20
20
  open_session do |sess|
21
21
  sess.remote_addr = '127.0.0.1'
22
22
  get '/dummy/blocked_by_proc'
@@ -26,7 +26,7 @@ describe "DummyController", type: :request do
26
26
 
27
27
  it 'should get ipv6 constraint' do
28
28
  ipv6 = 'fe80::d69a:20ff:fe0d:45fe'
29
- get root_path, nil, "REMOTE_ADDR" => ipv6
29
+ get root_path
30
30
  open_session do |sess|
31
31
  sess.remote_addr = ipv6
32
32
  get '/dummy/blocked_by_ipv6'
@@ -38,7 +38,7 @@ describe "DummyController", type: :request do
38
38
  context 'given a bad ipv6 ip' do
39
39
  around do |example|
40
40
  ipv6 = 'fe80::d69a:20ff:fe0d:45ff'
41
- get root_path, nil, "REMOTE_ADDR" => ipv6
41
+ get root_path
42
42
  open_session do |sess|
43
43
  sess.remote_addr = ipv6
44
44
  example.run
@@ -56,16 +56,26 @@ describe "DummyController", type: :request do
56
56
 
57
57
  it 'should not vomit given a bad ipv6 ip' do
58
58
  ipv6 = 'fe80::d69a:20ff:fe0d:45fe'
59
- get root_path, nil, "REMOTE_ADDR" => ipv6
59
+ get root_path
60
60
  open_session do |sess|
61
61
  sess.remote_addr = ipv6
62
62
  expect {get '/dummy/blocked_by_block'}.to raise_error ActionController::RoutingError
63
63
  end
64
64
  end
65
+
66
+ it 'should not vomit given a list of IPs in HTTP_X_FORWARDED_FOR -- and should look at the leftmost IP in the list' do
67
+ ip_list = '1.2.3.4, 10.0.0.1'
68
+ get root_path
69
+ open_session do |sess|
70
+ sess.remote_addr = ip_list
71
+ expect {get '/dummy/blocked_by_block', nil, {"HTTP_X_FORWARDED_FOR" => ip_list}}.to raise_error ActionController::RoutingError
72
+ end
73
+ end
74
+
65
75
 
66
76
  context 'given a good ip' do
67
77
  around do |example|
68
- get root_path, nil, "REMOTE_ADDR" => "10.0.0.45"
78
+ get root_path
69
79
  open_session do |sess|
70
80
  sess.remote_addr = '10.0.0.45'
71
81
  example.run
@@ -85,7 +95,7 @@ describe "DummyController", type: :request do
85
95
 
86
96
  context 'given a bad ip' do
87
97
  around do |example|
88
- get root_path, nil, "REMOTE_ADDR" => "55.55.55.55"
98
+ get root_path
89
99
  open_session do |sess|
90
100
  sess.remote_addr = '55.55.55.55'
91
101
  example.run
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: firewall_constraint
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mike Auclair
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-05-09 00:00:00.000000000 Z
11
+ date: 2015-05-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails