headwinds 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +17 -0
  3. data/Gemfile +4 -0
  4. data/LICENSE.txt +22 -0
  5. data/README.md +29 -0
  6. data/Rakefile +1 -0
  7. data/headwinds.gemspec +23 -0
  8. data/lib/headwinds/version.rb +3 -0
  9. data/lib/headwinds.rb +74 -0
  10. metadata +86 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: cea35618b36f1abd72f211027dd778e15609ed78
4
+ data.tar.gz: 765cf3159bcd23b81a424c9848b9fc162d79609a
5
+ SHA512:
6
+ metadata.gz: 518c8433d6145c57268c8d2b155bf836cbf8f75c36d174d849191dd2dbbb958caf0166923cfc4cf9bfa337285af738c128f5e9a9d14ba4cbd905b2ecfdc8f136
7
+ data.tar.gz: db519903d392e02c00d2f6f1e0c17712b4e149a47b913bf4c784eb5c55c9088fc3df3efab49599d92c81c11e471751be5131fdb54ed576f9b9d698fd777cd13d
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in headwinds.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Tien Le
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,29 @@
1
+ # Headwinds
2
+
3
+ TODO: Write a gem description
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ gem 'headwinds'
10
+
11
+ And then execute:
12
+
13
+ $ bundle
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install headwinds
18
+
19
+ ## Usage
20
+
21
+ TODO: Write usage instructions here
22
+
23
+ ## Contributing
24
+
25
+ 1. Fork it
26
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
27
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
28
+ 4. Push to the branch (`git push origin my-new-feature`)
29
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1 @@
1
+ require "bundler/gem_tasks"
data/headwinds.gemspec ADDED
@@ -0,0 +1,23 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'headwinds/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "headwinds"
8
+ spec.version = Headwinds::VERSION
9
+ spec.authors = ["Tien Le"]
10
+ spec.email = ["letien@pdx.edu"]
11
+ spec.description = %q{Headwinds lets you embed a client puzzle in your web pages in order to protect them against spam and other types of automated abuse.}
12
+ spec.summary = %q{Headwinds transparently protects against automated web attacks using Proof-of-Work (PoW) or client puzzles. It embeds PoW challenges as attributes in HTML tags and supplies clients with a JavaScript solver. The client's browser uses the solver to generate a solution and modifies the URL to include the challenge and solution as standard HTTP query parameters. With the modified URL, a client can successfully retrieve the protected resource.}
13
+ spec.homepage = "https://kapow.cs.pdx.edu"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency "bundler", "~> 1.3"
22
+ spec.add_development_dependency "rake"
23
+ end
data/lib/headwinds/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module Headwinds
2
+ VERSION = "0.0.1"
3
+ end
data/lib/headwinds.rb ADDED
@@ -0,0 +1,74 @@
1
+ require "headwinds/version"
2
+
3
+ module Headwinds
4
+ class Headwinds
5
+ $PRIVATE_KEY = 'vLLLZHc9VuihVqYOH3cA'
6
+ $API_KEY = '51282dee16d3125926000053'
7
+ $INTERVAL = 60*5
8
+ $REFRESHING_TIME = 24 * 3600
9
+
10
+ def initialize_kapow(location)
11
+ print "Content-Type: text/html\n\n"
12
+ print '<script src="http://rabbit.cs.pdx.edu/headwinds/application/js/kapow.js"></script>'
13
+ print '<input type="hidden" name="kapowField" id="kapowField" value="" />'
14
+ print "<script> kapowInitialize('#{location}')</script>"
15
+ end
16
+
17
+ def kapow_verify(kapowField)
18
+ require 'json'
19
+ require 'digest'
20
+ kapow = JSON.parse(kapowField)
21
+
22
+ @Data = kapow['comment'] + kapow['author'] + kapow['email']
23
+ @Adone = kapow['Adone']
24
+ @S = kapow['S']
25
+ @ts = kapow['ts']
26
+
27
+ #verify
28
+ @Ks_array = generateKsArray()
29
+ #use Ks to verify the answer
30
+ for @Ks in @Ks_array
31
+ @total = @Data+@Ks+@S+@ts
32
+ end
33
+ @Cookie = Digest::MD5.hexdigest(@total)
34
+ @final = @Ks+@Cookie
35
+ @check = Digest::MD5.hexdigest(@total)
36
+ if @check == @Adone
37
+ return 1
38
+ else
39
+ return 0
40
+ end
41
+ end
42
+
43
+ def generateKsArray()
44
+ # Generate new Ks from the private key. If generation happens at the beginning of a period, two Ks are created.
45
+ # @param private_key
46
+ # @return Ks_array array contains key(s)
47
+
48
+ ts = Time.now.to_i
49
+ if Integer(Integer(ts) % $REFRESHING_TIME) < $INTERVAL
50
+ @Ks_array = [ getKsFromPK($PRIVATE_KEY), getKsFromPK($PRIVATE_KEY,True) ]
51
+ else
52
+ @Ks_array = [ getKsFromPK($PRIVATE_KEY) ]
53
+ end
54
+ return @Ks_array
55
+ end
56
+
57
+ def getKsFromPK(private_key, previous = FALSE)
58
+ # Generate new Ks from the private key. The generated key is different for each period indicated by REFRESHING_TIME
59
+ # It can also be used to generated Ks from the previous period by setting the $previous param to true
60
+ # @param $private_key
61
+ # @param $previous: set to true if wanting to generate key of previous period
62
+ # @return Ks
63
+ require 'digest'
64
+ if previous
65
+ k = 1
66
+ else
67
+ k = 0
68
+ end
69
+ ts = Time.now.to_i
70
+ concat = String(Integer(Integer(ts) / $REFRESHING_TIME) - k)+private_key
71
+ return Digest::SHA256.hexdigest(concat)
72
+ end
73
+ end
74
+ end
metadata ADDED
@@ -0,0 +1,86 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: headwinds
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Tien Le
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2013-02-28 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ~>
18
+ - !ruby/object:Gem::Version
19
+ version: '1.3'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: '1.3'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ description: Headwinds lets you embed a client puzzle in your web pages in order to
42
+ protect them against spam and other types of automated abuse.
43
+ email:
44
+ - letien@pdx.edu
45
+ executables: []
46
+ extensions: []
47
+ extra_rdoc_files: []
48
+ files:
49
+ - .gitignore
50
+ - Gemfile
51
+ - LICENSE.txt
52
+ - README.md
53
+ - Rakefile
54
+ - headwinds.gemspec
55
+ - lib/headwinds.rb
56
+ - lib/headwinds/version.rb
57
+ homepage: https://kapow.cs.pdx.edu
58
+ licenses:
59
+ - MIT
60
+ metadata: {}
61
+ post_install_message:
62
+ rdoc_options: []
63
+ require_paths:
64
+ - lib
65
+ required_ruby_version: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - '>='
68
+ - !ruby/object:Gem::Version
69
+ version: '0'
70
+ required_rubygems_version: !ruby/object:Gem::Requirement
71
+ requirements:
72
+ - - '>='
73
+ - !ruby/object:Gem::Version
74
+ version: '0'
75
+ requirements: []
76
+ rubyforge_project:
77
+ rubygems_version: 2.0.0
78
+ signing_key:
79
+ specification_version: 4
80
+ summary: Headwinds transparently protects against automated web attacks using Proof-of-Work
81
+ (PoW) or client puzzles. It embeds PoW challenges as attributes in HTML tags and
82
+ supplies clients with a JavaScript solver. The client's browser uses the solver
83
+ to generate a solution and modifies the URL to include the challenge and solution
84
+ as standard HTTP query parameters. With the modified URL, a client can successfully
85
+ retrieve the protected resource.
86
+ test_files: []