nexaas-throttle 2.0.1 → 2.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/CHANGELOG.md +3 -0
- data/README.md +16 -0
- data/lib/nexaas/throttle/configuration.rb +8 -0
- data/lib/nexaas/throttle/guardian.rb +8 -9
- data/lib/nexaas/throttle/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 63a2423df0234df78dcb667687185860e9fffe7da34bdafc520f57e480c7d2e3
|
|
4
|
+
data.tar.gz: 51516ec7615f7e3fc9e5db4561b35bae394df11cc513cfc53274175b68ee824c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f4e40bbf21e279edb238494a6cc4872060148fe7edd50595878c77ba042c0a3afe2bfc86e33ba2ca23df8064ba4dc24a6422b57bcc9f65c38d2f404bbd7789b2
|
|
7
|
+
data.tar.gz: a41733cddfcb736f25b3c235c3389c87668d7bc13465b6024a194b455547d2d6896db8a5bd298714b3cb9ac989f86bbccfe9935e9cad79c046678109e390c2e1
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
### v2.0.2
|
|
2
|
+
- Stop checking for query string in request#path. [#10](https://github.com/myfreecomm/nexaas-throttle/pull/10)
|
|
3
|
+
- Add information on README regarding X-RateLimit headers. [#9](https://github.com/myfreecomm/nexaas-throttle/pull/9)
|
|
1
4
|
### v2.0.1
|
|
2
5
|
- Fix regex matching when checking if a given request is asset-related. [#7](https://github.com/myfreecomm/nexaas-throttle/pull/7)
|
|
3
6
|
## v2.0
|
data/README.md
CHANGED
|
@@ -42,6 +42,7 @@ Nexaas::Throttle.configure do |config|
|
|
|
42
42
|
namespace: "nexaas:throttle"
|
|
43
43
|
}
|
|
44
44
|
config.ignored_user_agents = [/[Gg]oogle/, /Amazon/]
|
|
45
|
+
config.assets_extensions = %w[bmp tiff css js jpg jpeg png gif woff ttf svg]
|
|
45
46
|
end
|
|
46
47
|
```
|
|
47
48
|
|
|
@@ -97,6 +98,11 @@ end
|
|
|
97
98
|
<td>An array of User Agents that should be ignored by the throttler. Values are regexes that will be matched against the request User-Agent</td>
|
|
98
99
|
<td><code>nil</code></td>
|
|
99
100
|
</tr>
|
|
101
|
+
<tr>
|
|
102
|
+
<td><code>assets_extensions</code></td>
|
|
103
|
+
<td>An array of file extensions considered to be asset-related. Values are strings that will be matched against the request path. Paths that match will be not be throttled</td>
|
|
104
|
+
<td><code>%w[css js jpg jpeg png gif woff ttf svg]</code></td>
|
|
105
|
+
</tr>
|
|
100
106
|
</table>
|
|
101
107
|
|
|
102
108
|
### Request Identification
|
|
@@ -139,6 +145,16 @@ end
|
|
|
139
145
|
|
|
140
146
|
If you want, you can access the request token by inspecting `request.env["nexaas.token"]`. This is the token your `request_identifier` provided after evaluating the request.
|
|
141
147
|
|
|
148
|
+
### Response headers
|
|
149
|
+
|
|
150
|
+
Rate limit headers are available for all request responses and provide information for API users. They are the following:
|
|
151
|
+
|
|
152
|
+
```ruby
|
|
153
|
+
"X-RateLimit-Limit" # Total of requests allowed until next reset.
|
|
154
|
+
"X-RateLimit-Remaining" # Amount of requests the user can still send before being throttled.
|
|
155
|
+
"X-RateLimit-Reset" # Epoch time for the reset of the request count.
|
|
156
|
+
```
|
|
157
|
+
|
|
142
158
|
## Development
|
|
143
159
|
|
|
144
160
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
@@ -43,6 +43,13 @@ module Nexaas
|
|
|
43
43
|
# @return [Array]
|
|
44
44
|
attr_accessor :ignored_user_agents
|
|
45
45
|
|
|
46
|
+
# An array of file extensions considered to be asset-related.
|
|
47
|
+
# Values are strings that will be matched against the request path.
|
|
48
|
+
# Paths that match will be not be throttled.
|
|
49
|
+
# Example: ["css", "js", "jpeg", "jpg", "png"]
|
|
50
|
+
# @return [Array]
|
|
51
|
+
attr_accessor :assets_extensions
|
|
52
|
+
|
|
46
53
|
alias_method :throttleable?, :throttle
|
|
47
54
|
alias_method :trackable?, :track
|
|
48
55
|
|
|
@@ -54,6 +61,7 @@ module Nexaas
|
|
|
54
61
|
@request_identifier = nil
|
|
55
62
|
@redis_options = default_redis_options
|
|
56
63
|
@ignored_user_agents = nil
|
|
64
|
+
@assets_extensions = %w[css js jpg jpeg png gif woff ttf svg]
|
|
57
65
|
end
|
|
58
66
|
|
|
59
67
|
def check!
|
|
@@ -7,6 +7,7 @@ module Nexaas
|
|
|
7
7
|
@request = request
|
|
8
8
|
@token = configuration.request_identifier.new(request).token
|
|
9
9
|
@ignored_user_agents = configuration.ignored_user_agents
|
|
10
|
+
@assets_extensions = configuration.assets_extensions
|
|
10
11
|
end
|
|
11
12
|
|
|
12
13
|
def throttle!
|
|
@@ -19,24 +20,22 @@ module Nexaas
|
|
|
19
20
|
|
|
20
21
|
private
|
|
21
22
|
|
|
22
|
-
attr_reader :request, :token, :ignored_user_agents
|
|
23
|
+
attr_reader :request, :token, :ignored_user_agents, :assets_extensions
|
|
23
24
|
|
|
24
25
|
def validate
|
|
25
|
-
return if ignore_user_agents? ||
|
|
26
|
+
return if ignore_user_agents? || asset_request? || token.blank?
|
|
26
27
|
request.env["nexaas.token"] = token
|
|
27
28
|
yield if block_given?
|
|
28
29
|
end
|
|
29
30
|
|
|
30
|
-
def
|
|
31
|
+
def asset_request?
|
|
31
32
|
path = request.path
|
|
32
|
-
path.match(%r{/assets}).present? || path.match(
|
|
33
|
+
path.match(%r{/assets}).present? || path.match(assets_extensions_regexp).present?
|
|
33
34
|
end
|
|
34
35
|
|
|
35
|
-
def
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
/\.(#{extensions_group})(\?\S*)?$/
|
|
39
|
-
end
|
|
36
|
+
def assets_extensions_regexp
|
|
37
|
+
extensions = assets_extensions.join("|")
|
|
38
|
+
/\.(#{extensions})$/
|
|
40
39
|
end
|
|
41
40
|
|
|
42
41
|
def ignore_user_agents?
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexaas-throttle
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Wanderson Policarpo
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-02-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -183,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
183
183
|
version: '0'
|
|
184
184
|
requirements: []
|
|
185
185
|
rubyforge_project:
|
|
186
|
-
rubygems_version: 2.
|
|
186
|
+
rubygems_version: 2.7.3
|
|
187
187
|
signing_key:
|
|
188
188
|
specification_version: 4
|
|
189
189
|
summary: A tiny engine to allow throttling and blacklisting requests.
|