geocoder 1.6.0 → 1.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/README.md +0 -2
  4. data/lib/geocoder/lookups/ipgeolocation.rb +6 -18
  5. data/lib/geocoder/sql.rb +4 -4
  6. data/lib/geocoder/version.rb +1 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0d1523b73c17cd042f5af380ea44d2711c66684928aee867490f539cc3507582
4
- data.tar.gz: c63760a1b75b7ce43d785736ffb6b0afcace52f3283ee4365b4d7af269822603
3
+ metadata.gz: 25d03f1aeb92b80a0ec269a1f42093bb641e468d0824d324ad5157ed9cfcb559
4
+ data.tar.gz: 1a23a47bfb3d4af0de14421f8b1b76e03234aee309a8be7ddb2acd91ce04c30d
5
5
  SHA512:
6
- metadata.gz: 96048af2e42535ec2091a21d29eac9c4ebb3f8a3081762b34c3c97a72215ce8f4312ee5f9f072153ef530370580e609996946b4afa23aa89b1973c942c18417f
7
- data.tar.gz: d3993aa69ba09c543e24215c290e9e7a5b56db0c49b065ece947d3b53eeecb6a8014c8c7737138939ba7cdb67acba36a6d537c081ad86fcbf707eff9cf97e5b3
6
+ metadata.gz: e8f4fd2a60fa6ccb91f7a04a737b5720aa4e276181c202b215b5dd8c50b1746d833ace8c2a034aae1282132e62f96be518b3b366c34f03c73ffcb4cf1dd3c6ab
7
+ data.tar.gz: 848c835773fd172b8469eefc28646c4c5cd3176d10bfb175f5d447bd24b51982555644b7ff5d45eddb2bc04cf7820fadb2363a23cf907ad13aa930f33b5dad09
data/CHANGELOG.md CHANGED
@@ -3,6 +3,10 @@ Changelog
3
3
 
4
4
  Major changes to Geocoder for each release. Please see the Git log for complete list of changes.
5
5
 
6
+ 1.6.1 (2020 Jan 23)
7
+ -------------------
8
+ * Sanitize lat/lon values passed to within_bounding_box to prevent SQL injection.
9
+
6
10
  1.6.0 (2020 Jan 6)
7
11
  -------------------
8
12
  * Drop support for Rails 3.x.
data/README.md CHANGED
@@ -6,8 +6,6 @@ Geocoder
6
6
  [![Gem Version](https://badge.fury.io/rb/geocoder.svg)](http://badge.fury.io/rb/geocoder)
7
7
  [![Code Climate](https://codeclimate.com/github/alexreisner/geocoder/badges/gpa.svg)](https://codeclimate.com/github/alexreisner/geocoder)
8
8
  [![Build Status](https://travis-ci.org/alexreisner/geocoder.svg?branch=master)](https://travis-ci.org/alexreisner/geocoder)
9
- [![GitHub Issues](https://img.shields.io/github/issues/alexreisner/geocoder.svg)](https://github.com/alexreisner/geocoder/issues)
10
- [![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://opensource.org/licenses/MIT)
11
9
 
12
10
  Key features:
13
11
 
data/lib/geocoder/lookups/ipgeolocation.rb CHANGED
@@ -6,16 +6,11 @@ module Geocoder::Lookup
6
6
  class Ipgeolocation < Base
7
7
 
8
8
  ERROR_CODES = {
9
- 404 => Geocoder::InvalidRequest,
10
- 401 => Geocoder::RequestDenied, # missing/invalid API key
11
- 101 => Geocoder::InvalidApiKey,
12
- 102 => Geocoder::Error,
13
- 103 => Geocoder::InvalidRequest,
14
- 104 => Geocoder::OverQueryLimitError,
15
- 105 => Geocoder::RequestDenied,
16
- 301 => Geocoder::InvalidRequest,
17
- 302 => Geocoder::InvalidRequest,
18
- 303 => Geocoder::RequestDenied,
9
+ 400 => Geocoder::RequestDenied, # subscription is paused
10
+ 401 => Geocoder::InvalidApiKey, # missing/invalid API key
11
+ 403 => Geocoder::InvalidRequest, # invalid IP address
12
+ 404 => Geocoder::InvalidRequest, # not found
13
+ 423 => Geocoder::InvalidRequest # bogon/reserved IP address
19
14
  }
20
15
  ERROR_CODES.default = Geocoder::Error
21
16
 
@@ -42,14 +37,7 @@ module Geocoder::Lookup
42
37
  def results(query)
43
38
  # don't look up a loopback or private address, just return the stored result
44
39
  return [reserved_result(query.text)] if query.internal_ip_address?
45
- return [] unless doc = fetch_data(query)
46
- if error = doc['error']
47
- code = error['code']
48
- msg = error['info']
49
- raise_error(ERROR_CODES[code], msg ) || Geocoder.log(:warn, "Ipgeolocation Geocoding API error: #{msg}")
50
- return []
51
- end
52
- [doc]
40
+ [fetch_data(query)]
53
41
  end
54
42
 
55
43
  def reserved_result(ip)
data/lib/geocoder/sql.rb CHANGED
@@ -44,13 +44,13 @@ module Geocoder
44
44
  end
45
45
 
46
46
  def within_bounding_box(sw_lat, sw_lng, ne_lat, ne_lng, lat_attr, lon_attr)
47
- spans = "#{lat_attr} BETWEEN #{sw_lat} AND #{ne_lat} AND "
47
+ spans = "#{lat_attr} BETWEEN #{sw_lat.to_f} AND #{ne_lat.to_f} AND "
48
48
  # handle box that spans 180 longitude
49
49
  if sw_lng.to_f > ne_lng.to_f
50
- spans + "(#{lon_attr} BETWEEN #{sw_lng} AND 180 OR " +
51
- "#{lon_attr} BETWEEN -180 AND #{ne_lng})"
50
+ spans + "(#{lon_attr} BETWEEN #{sw_lng.to_f} AND 180 OR " +
51
+ "#{lon_attr} BETWEEN -180 AND #{ne_lng.to_f})"
52
52
  else
53
- spans + "#{lon_attr} BETWEEN #{sw_lng} AND #{ne_lng}"
53
+ spans + "#{lon_attr} BETWEEN #{sw_lng.to_f} AND #{ne_lng.to_f}"
54
54
  end
55
55
  end
56
56
 
data/lib/geocoder/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Geocoder
2
- VERSION = "1.6.0"
2
+ VERSION = "1.6.1"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: geocoder
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.0
4
+ version: 1.6.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Alex Reisner
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-01-06 00:00:00.000000000 Z
11
+ date: 2020-01-23 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Provides object geocoding (by street or IP address), reverse geocoding
14
14
  (coordinates to street address), distance queries for ActiveRecord and Mongoid,