homographic_spoofing 0.1.0

data/lib/homographic_spoofing.rb

@@ -0,0 +1,47 @@
+require "zeitwerk"
+require "unicode/scripts"
+require "dnsruby"
+require "public_suffix"
+require "mail"
+require "csv"
+require "active_support"
+require "active_support/core_ext"
+
+loader = Zeitwerk::Loader.for_gem
+loader.setup
+
+module HomographicSpoofing
+  mattr_accessor :logger, instance_accessor: false
+
+  class << self
+    def email_address_spoof?(email_address)
+      HomographicSpoofing::Detector::EmailAddress.detected?(email_address)
+    end
+
+    def email_name_spoof?(email_address)
+      HomographicSpoofing::Detector::QuotedString.detected?(email_address)
+    end
+
+    def email_local_spoof?(email_address)
+      HomographicSpoofing::Detector::Local.detected?(email_address)
+    end
+
+    def idn_spoof?(idn)
+      HomographicSpoofing::Detector::Idn.detected?(idn)
+    end
+
+    def sanitize_email_address(email_address)
+      HomographicSpoofing::Sanitizer::EmailAddress.sanitize(email_address)
+    end
+
+    def sanitize_email_name(email_address)
+      HomographicSpoofing::Sanitizer::QuotedString.sanitize(email_address)
+    end
+
+    def sanitize_idn(idn)
+      HomographicSpoofing::Sanitizer::Idn.sanitize(idn)
+    end
+  end
+end
+
+require_relative "homographic_spoofing/railtie" if defined?(Rails::Railtie)

metadata

@@ -0,0 +1,166 @@
+--- !ruby/object:Gem::Specification
+name: homographic_spoofing
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Jacopo Beschi
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-06-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: zeitwerk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.5'
+- !ruby/object:Gem::Dependency
+  name: unicode-scripts
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: dnsruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: public_suffix
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mail
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description:
+email:
+- jacopo@37signals.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- lib/homographic_spoofing.rb
+- lib/homographic_spoofing/detector/base.rb
+- lib/homographic_spoofing/detector/detection.rb
+- lib/homographic_spoofing/detector/email_address.rb
+- lib/homographic_spoofing/detector/idn.rb
+- lib/homographic_spoofing/detector/local.rb
+- lib/homographic_spoofing/detector/quoted_string.rb
+- lib/homographic_spoofing/detector/rule/base.rb
+- lib/homographic_spoofing/detector/rule/context.rb
+- lib/homographic_spoofing/detector/rule/data/allowed_idn_characters.txt
+- lib/homographic_spoofing/detector/rule/data/digits.csv
+- lib/homographic_spoofing/detector/rule/disallowed_characters.rb
+- lib/homographic_spoofing/detector/rule/idn/base.rb
+- lib/homographic_spoofing/detector/rule/idn/context.rb
+- lib/homographic_spoofing/detector/rule/idn/dangerous_pattern.rb
+- lib/homographic_spoofing/detector/rule/idn/deviation_characters.rb
+- lib/homographic_spoofing/detector/rule/idn/digits.rb
+- lib/homographic_spoofing/detector/rule/idn/invisible_characters.rb
+- lib/homographic_spoofing/detector/rule/idn/script_confusable.rb
+- lib/homographic_spoofing/detector/rule/idn/script_specific.rb
+- lib/homographic_spoofing/detector/rule/idn/unsafe_middle_dot.rb
+- lib/homographic_spoofing/detector/rule/local/dot_atom_text.rb
+- lib/homographic_spoofing/detector/rule/local/nfkc.rb
+- lib/homographic_spoofing/detector/rule/mixed_digits.rb
+- lib/homographic_spoofing/detector/rule/mixed_scripts.rb
+- lib/homographic_spoofing/detector/rule/quoted_string/bidi_control.rb
+- lib/homographic_spoofing/detector/rule/quoted_string/data/nonspacing_marks.txt
+- lib/homographic_spoofing/detector/rule/quoted_string/nfc.rb
+- lib/homographic_spoofing/detector/rule/quoted_string/nonspacing_marks.rb
+- lib/homographic_spoofing/railtie.rb
+- lib/homographic_spoofing/sanitizer/base.rb
+- lib/homographic_spoofing/sanitizer/email_address.rb
+- lib/homographic_spoofing/sanitizer/idn.rb
+- lib/homographic_spoofing/sanitizer/quoted_string.rb
+- lib/homographic_spoofing/version.rb
+homepage: https://github.com/basecamp/homographic_spoofing
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.1.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.3
+signing_key:
+specification_version: 4
+summary: A toolkit to both detect and sanitize homographic spoofing attacks in URLs
+  and Email addresses
+test_files: []