param_sanitizer 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in ParamSanitizer.gemspec
4
+ gemspec
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Shopify
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,43 @@
1
+ ## Description
2
+
3
+ Simple Middleware for cleaning up possibly bad requests on selected endpoints
4
+
5
+ ## Authors
6
+
7
+ * Chris Saunders (http://christophersaunders.ca)
8
+ * Yagnik Khanna (http://github.com/yagnik)
9
+
10
+ ## Installation
11
+ Add this line to your application's Gemfile:
12
+
13
+ gem 'rack-encoding-validation'
14
+
15
+ And then execute:
16
+
17
+ $ bundle
18
+
19
+ Or install it yourself as:
20
+
21
+ $ gem install rack-encoding-validation
22
+
23
+ ## Usage in Rails
24
+
25
+ In `config/application.rb`, add
26
+
27
+ ```ruby
28
+ routes_and_strategies = {
29
+ '/login' => [:SpaceToDash]
30
+ }
31
+ config.middleware.use 'ParamSanitizer::RequestSanitizer', routes_and_strategies
32
+ ```
33
+
34
+ The array can accept a class, a proc, a symbol (inside the ParamSanitizer::Strategies namespace)
35
+ or any object that responds to call
36
+
37
+ ## Contributing
38
+
39
+ 1. Fork it
40
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
41
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
42
+ 4. Push to the branch (`git push origin my-new-feature`)
43
+ 5. Create new Pull Request
@@ -0,0 +1,8 @@
1
+ require "bundler/gem_tasks"
2
+ require 'rake/testtask'
3
+
4
+ Rake::TestTask.new do |t|
5
+ t.libs << 'test'
6
+ t.test_files = FileList['test/**/*test.rb']
7
+ t.verbose = true
8
+ end
@@ -0,0 +1,6 @@
1
+ require "param_sanitizer/version"
2
+ require "param_sanitizer/strategies"
3
+ require "param_sanitizer/request_sanitizer"
4
+
5
+ module ParamSanitizer
6
+ end
@@ -0,0 +1,49 @@
1
+ require 'uri'
2
+
3
+ module ParamSanitizer
4
+ class RequestSanitizer
5
+ attr_reader :strategized_routes
6
+
7
+ def initialize(app, *args)
8
+ @app = app
9
+ @strategized_routes = args.last.is_a?(Hash) ? args.last : {}
10
+ emit_warning if @strategized_routes.empty?
11
+ end
12
+
13
+ def call(env)
14
+ request = Rack::Request.new(env)
15
+ request = execute_strategies(request) if has_strategy?(request.path)
16
+ env["QUERY_STRING"] = encode_to_query_string(request.params)
17
+ @app.call(env)
18
+ end
19
+
20
+ def execute_strategies(request)
21
+ strategies = @strategized_routes[request.path]
22
+ strategies.each { |strategy|
23
+ instance = build(strategy)
24
+ instance.call(request) if instance.respond_to? :call
25
+ }
26
+ request
27
+ end
28
+
29
+ def has_strategy?(route)
30
+ @strategized_routes.has_key?(route)
31
+ end
32
+
33
+ def emit_warning
34
+ puts "ParamSanitizer::RequestSanitizer initialized without sanitization strategies. Middleware is now a no-op"
35
+ end
36
+
37
+ def encode_to_query_string(params)
38
+ URI.encode(params.map{|k,v| "#{k}=#{v}"}.join('&'))
39
+ end
40
+
41
+ def build(strategy)
42
+ if strategy.respond_to?(:call) then strategy
43
+ elsif strategy.respond_to?(:new) then strategy.new
44
+ elsif strategy.is_a?(Symbol) then ParamSanitizer::Strategies.const_get("#{strategy}Strategy").new
45
+ else raise ArgumentError.new "#{strategy.to_s} does not support 'call'!"
46
+ end
47
+ end
48
+ end
49
+ end
@@ -0,0 +1,5 @@
1
+ require 'param_sanitizer/strategies/space_to_dash_strategy'
2
+ require 'param_sanitizer/strategies/strip_scheme_strategy'
3
+ require 'param_sanitizer/strategies/strip_path_strategy'
4
+ require 'param_sanitizer/strategies/downcase_strategy'
5
+ require 'param_sanitizer/strategies/noop_strategy'
@@ -0,0 +1,11 @@
1
+ module ParamSanitizer
2
+ module Strategies
3
+ class DowncaseStrategy
4
+ def call(request)
5
+ request.params.each do |key, value|
6
+ request.params[key] = value.downcase
7
+ end
8
+ end
9
+ end
10
+ end
11
+ end
@@ -0,0 +1,8 @@
1
+ module ParamSanitizer
2
+ module Strategies
3
+ class NoOpStrategy
4
+ def call(request)
5
+ end
6
+ end
7
+ end
8
+ end
@@ -0,0 +1,11 @@
1
+ module ParamSanitizer
2
+ module Strategies
3
+ class SpaceToDashStrategy
4
+ def call(request)
5
+ request.params.each do |key, value|
6
+ request.params[key] = value.strip.gsub(' ', '-') if value
7
+ end
8
+ end
9
+ end
10
+ end
11
+ end
@@ -0,0 +1,11 @@
1
+ module ParamSanitizer
2
+ module Strategies
3
+ class StripPathStrategy
4
+ def call(request)
5
+ request.params.each do |key, value|
6
+ request.params[key] = nil if value =~ /\\|\//
7
+ end
8
+ end
9
+ end
10
+ end
11
+ end
@@ -0,0 +1,11 @@
1
+ module ParamSanitizer
2
+ module Strategies
3
+ class StripSchemeStrategy
4
+ def call(request)
5
+ request.params.each do |key, value|
6
+ request.params[key] = value.gsub(/\A(\w*)\:\/\//, '')
7
+ end
8
+ end
9
+ end
10
+ end
11
+ end
@@ -0,0 +1,3 @@
1
+ module ParamSanitizer
2
+ VERSION = "0.0.1"
3
+ end
@@ -0,0 +1,27 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'param_sanitizer/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "param_sanitizer"
8
+ spec.version = ParamSanitizer::VERSION
9
+ spec.authors = ["Shopify"]
10
+ spec.email = ["gems@shopify.com"]
11
+ spec.description = %q{Simple middleware for cleaning up possibly bad requests on selected endpoints}
12
+ spec.summary = %q{Simple middleware for cleaning up possibly bad requests on selected endpoints}
13
+ spec.homepage = "https://github.com/shopify/param_sanitizer"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency "bundler", "~> 1.3"
22
+ spec.add_development_dependency "rake"
23
+ spec.add_development_dependency "minitest"
24
+ spec.add_development_dependency "rack"
25
+ spec.add_development_dependency "mocha"
26
+ spec.add_development_dependency "rack-test"
27
+ end
@@ -0,0 +1,21 @@
1
+ require 'integration/test_helper'
2
+
3
+ class ParamSanitizer::ExecuteStrategyTest < ParamSanitizer::IntegrationTest
4
+ test "single strategy executes succesfuly" do
5
+ assert_param("/single?sd=asd asd", 'sd', 'asd-asd')
6
+ end
7
+
8
+ test "multiple strategies execute succesfuly" do
9
+ assert_param("/double?sd=asd asd/../../windows.ini", 'sd', '')
10
+ end
11
+
12
+ test "when a strategy sets a key to nil, subsequent strategies don't fail" do
13
+ assert_param("/breaking?sd=asd asd/../../windows.ini", 'sd', '')
14
+ end
15
+
16
+ def assert_param(uri, key, value)
17
+ last_response = get uri_encoder(uri)
18
+ params = extract(last_response.body)
19
+ assert_equal value, params[key]
20
+ end
21
+ end
@@ -0,0 +1,30 @@
1
+ require 'test_helper'
2
+ require 'rack/test'
3
+ require 'rack/utils'
4
+ require 'uri'
5
+
6
+ class ParamSanitizer::IntegrationTest < ParamSanitizer::TestCase
7
+ include Rack::Test::Methods
8
+
9
+ DEFAULT_ROUTES = {
10
+ '/single' => [ParamSanitizer::Strategies::SpaceToDashStrategy],
11
+ '/double' => [ParamSanitizer::Strategies::SpaceToDashStrategy, ParamSanitizer::Strategies::StripPathStrategy],
12
+ '/breaking' => [ParamSanitizer::Strategies::StripPathStrategy, ParamSanitizer::Strategies::SpaceToDashStrategy]
13
+ }
14
+
15
+ def app
16
+ ParamSanitizer::RequestSanitizer.new(dummy_app, DEFAULT_ROUTES)
17
+ end
18
+
19
+ def dummy_app
20
+ lambda { |env| [200, {}, [env["QUERY_STRING"]]] }
21
+ end
22
+
23
+ def extract(msg)
24
+ Rack::Utils.parse_nested_query(msg)
25
+ end
26
+
27
+ def uri_encoder(input)
28
+ URI.encode(input)
29
+ end
30
+ end
@@ -0,0 +1,10 @@
1
+ require 'param_sanitizer'
2
+ require 'minitest/autorun'
3
+ require 'rack/mock'
4
+ require 'mocha/setup'
5
+
6
+ class ParamSanitizer::TestCase < MiniTest::Unit::TestCase
7
+ def self.test(test_description, &block)
8
+ define_method "test_#{test_description.gsub(/\s/, '_')}", &block
9
+ end
10
+ end
@@ -0,0 +1,89 @@
1
+ require 'unit/test_helper'
2
+
3
+ module ParamSanitizer
4
+
5
+ class RequestSanitizerDouble < RequestSanitizer
6
+ def emit_warning
7
+ end
8
+ end
9
+
10
+ class Tester < ParamSanitizer::UnitTest
11
+ def initialize
12
+ @val = 0
13
+ end
14
+ def call(request)
15
+ @val += 1
16
+ assert_equal 1, @val
17
+ end
18
+ end
19
+
20
+ class RequestSanitizerTest < ParamSanitizer::UnitTest
21
+ def setup
22
+ @app = stub(:call => [200, {}, []])
23
+ @strategies = {
24
+ '/login' => [stub(:call), stub(:call)]
25
+ }
26
+ end
27
+
28
+ test "strategized_routes have value set is last argument is a hash" do
29
+ assert_equal @strategies, middleware.strategized_routes
30
+ end
31
+
32
+ test "set strategized_routes to empty hash if hash isn't passed in" do
33
+ middleware = RequestSanitizerDouble.new(@app)
34
+ assert_equal({}, middleware.strategized_routes)
35
+ end
36
+
37
+ test "it should emit_warning if nothing was passed into the initializer" do
38
+ RequestSanitizerDouble.any_instance.expects(:emit_warning)
39
+ RequestSanitizerDouble.new(@app)
40
+ end
41
+
42
+ test "has_strategy? should return true if routes match" do
43
+ assert middleware.has_strategy?('/login'), 'The strategies include the path /login and should be passing'
44
+ end
45
+
46
+ test "execute_strategies should execute a single strategy" do
47
+ @strategies["/login"] = [mock('single-strategy-mock', :call)]
48
+ Rack::MockRequest.new(middleware).get('/login')
49
+ end
50
+
51
+ test "execute_strategies should execute in order" do
52
+ called = 0
53
+ handler1 = lambda { |request| request['doodle'] = 'called'; called += 1 }
54
+ handler2 = lambda { |request| assert_equal('called', request['doodle']); called += 1 }
55
+ @strategies['/login'] = [handler1, handler2]
56
+ Rack::MockRequest.new(middleware).get('/login')
57
+ assert_equal 2, called
58
+ end
59
+
60
+ test "execute_strategies should execute a proc" do
61
+ called = 0
62
+ @strategies["/login"] = [lambda{|request| called += 1}]
63
+ Rack::MockRequest.new(middleware).get('/login')
64
+ assert_equal 1, called
65
+ end
66
+
67
+ test "execute_strategies should execute a class" do
68
+ @strategies["/login"] = [Tester]
69
+ Rack::MockRequest.new(middleware).get('/login')
70
+ end
71
+
72
+ test "execute_strategies should execute a symbol" do
73
+ @strategies["/login"] = [:SpaceToDash]
74
+ ParamSanitizer::Strategies::SpaceToDashStrategy.any_instance.expects(:call)
75
+ Rack::MockRequest.new(middleware).get('/login')
76
+ end
77
+
78
+ test "execute strategies should raise ArgumentError if incorrect type is passed in" do
79
+ @strategies["/login"] = ["SpaceToDash"]
80
+ assert_raises ArgumentError do
81
+ Rack::MockRequest.new(middleware).get('/login')
82
+ end
83
+ end
84
+
85
+ def middleware
86
+ RequestSanitizerDouble.new(@app, @strategies)
87
+ end
88
+ end
89
+ end
@@ -0,0 +1,20 @@
1
+ require 'unit/test_helper'
2
+
3
+ module ParamSanitizer
4
+ module Strategies
5
+ class DowncaseStrategyTest < ParamSanitizer::UnitTest
6
+
7
+ def setup
8
+ @sanitizer = DowncaseStrategy.new
9
+ end
10
+
11
+ test "it should not convert a request that is lowercase" do
12
+ assert_sanitized_request(@sanitizer, 'foo_bar_baz', 'foo_bar_baz')
13
+ end
14
+
15
+ test "it should convert a request with upper case in a specific query parameter to lower case" do
16
+ assert_sanitized_request(@sanitizer, 'foo-bar-baz', 'fOO-bar-baz')
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,28 @@
1
+ require 'unit/test_helper'
2
+
3
+ module ParamSanitizer
4
+ module Strategies
5
+ class SpaceToDashStrategyTest < ParamSanitizer::UnitTest
6
+
7
+ def setup
8
+ @sanitizer = SpaceToDashStrategy.new
9
+ end
10
+
11
+ test "it should not convert a request that doesn't have spaces" do
12
+ assert_sanitized_request(@sanitizer, 'foo_bar_baz', 'foo_bar_baz')
13
+ end
14
+
15
+ test "it should convert a request with spaces in a specific query parameter to dashes" do
16
+ assert_sanitized_request(@sanitizer, 'foo-bar-baz', 'foo bar baz')
17
+ end
18
+
19
+ test "it should convert a request with URI-encoded spaces in a specific query parameter to dashes" do
20
+ assert_sanitized_request(@sanitizer, 'foo-bar-baz', 'foo%20bar%20baz')
21
+ end
22
+
23
+ test "it should not add dashes to the start or end of a string" do
24
+ assert_sanitized_request(@sanitizer, 'foo-bar-baz', ' foo bar baz ')
25
+ end
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,27 @@
1
+ require 'unit/test_helper'
2
+
3
+ module ParamSanitizer
4
+ module Strategies
5
+ class StripPathStrategyTest < ParamSanitizer::UnitTest
6
+ def setup
7
+ @sanitizer = StripPathStrategy.new
8
+ end
9
+
10
+ test "it should not convert a request that doesn't contain a path" do
11
+ assert_sanitized_request(@sanitizer, 'foo_bar_baz', 'foo_bar_baz')
12
+ end
13
+
14
+ test "it should set the param to nil if the request contains a path" do
15
+ assert_sanitized_request(@sanitizer, nil, '../../../../../../mysql.conf')
16
+ end
17
+
18
+ test "it should set the param to nil if the request contains a windows-style file path" do
19
+ assert_sanitized_request(@sanitizer, nil, '..\..\..\..\..\windows.ini')
20
+ end
21
+
22
+ test "it should set the param to nil if the request contains HTML-like text" do
23
+ assert_sanitized_request(@sanitizer, nil, '%28%29%26%25<ScRiPt>prompt(23424324)</ScRiPt>')
24
+ end
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,32 @@
1
+ require 'unit/test_helper'
2
+
3
+ module ParamSanitizer
4
+ module Strategies
5
+ class StripSchemeStrategyTest < ParamSanitizer::UnitTest
6
+
7
+ def setup
8
+ @sanitizer = StripSchemeStrategy.new
9
+ end
10
+
11
+ test "it should not convert a request that doesn't have scheme" do
12
+ assert_sanitized_request(@sanitizer, 'foo_bar_baz', 'foo_bar_baz')
13
+ end
14
+
15
+ test "it should remove a request with http scheme in the parameter" do
16
+ assert_sanitized_request(@sanitizer, 'foo bar', 'http://foo bar')
17
+ end
18
+
19
+ test "it should remove a request with ftp scheme in the parameter" do
20
+ assert_sanitized_request(@sanitizer, 'foo_bar_baz', 'ftp://foo_bar_baz')
21
+ end
22
+
23
+ test "it shouldn't care what kind of scheme is in the parameter" do
24
+ assert_sanitized_request(@sanitizer, 'foo_bar_baz', 'taters://foo_bar_baz')
25
+ end
26
+
27
+ test "it should sanitize the scheme, even if the scheme is absent" do
28
+ assert_sanitized_request(@sanitizer, 'foo_bar_baz', '://foo_bar_baz')
29
+ end
30
+ end
31
+ end
32
+ end
@@ -0,0 +1,17 @@
1
+ require 'test_helper'
2
+
3
+ class ParamSanitizer::UnitTest < ParamSanitizer::TestCase
4
+
5
+ def app(sanitizer, expectation)
6
+ lambda { |env|
7
+ request = Rack::Request.new(env)
8
+ sanitizer.call(request)
9
+ assert_equal expectation, request.params['query']
10
+ [200, {'Content-Type' => 'text/plain'}, ['Hello World']]
11
+ }
12
+ end
13
+
14
+ def assert_sanitized_request(sanitizer, expected, query)
15
+ Rack::MockRequest.new(app(sanitizer, expected)).get('/', 'QUERY_STRING' => "query=#{query}")
16
+ end
17
+ end
metadata ADDED
@@ -0,0 +1,181 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: param_sanitizer
3
+ version: !ruby/object:Gem::Version
4
+ prerelease:
5
+ version: 0.0.1
6
+ platform: ruby
7
+ authors:
8
+ - Shopify
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2013-09-04 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ prerelease: false
16
+ name: bundler
17
+ type: :development
18
+ version_requirements: !ruby/object:Gem::Requirement
19
+ requirements:
20
+ - - ~>
21
+ - !ruby/object:Gem::Version
22
+ version: '1.3'
23
+ none: false
24
+ requirement: !ruby/object:Gem::Requirement
25
+ requirements:
26
+ - - ~>
27
+ - !ruby/object:Gem::Version
28
+ version: '1.3'
29
+ none: false
30
+ - !ruby/object:Gem::Dependency
31
+ prerelease: false
32
+ name: rake
33
+ type: :development
34
+ version_requirements: !ruby/object:Gem::Requirement
35
+ requirements:
36
+ - - ! '>='
37
+ - !ruby/object:Gem::Version
38
+ version: '0'
39
+ none: false
40
+ requirement: !ruby/object:Gem::Requirement
41
+ requirements:
42
+ - - ! '>='
43
+ - !ruby/object:Gem::Version
44
+ version: '0'
45
+ none: false
46
+ - !ruby/object:Gem::Dependency
47
+ prerelease: false
48
+ name: minitest
49
+ type: :development
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ! '>='
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ none: false
56
+ requirement: !ruby/object:Gem::Requirement
57
+ requirements:
58
+ - - ! '>='
59
+ - !ruby/object:Gem::Version
60
+ version: '0'
61
+ none: false
62
+ - !ruby/object:Gem::Dependency
63
+ prerelease: false
64
+ name: rack
65
+ type: :development
66
+ version_requirements: !ruby/object:Gem::Requirement
67
+ requirements:
68
+ - - ! '>='
69
+ - !ruby/object:Gem::Version
70
+ version: '0'
71
+ none: false
72
+ requirement: !ruby/object:Gem::Requirement
73
+ requirements:
74
+ - - ! '>='
75
+ - !ruby/object:Gem::Version
76
+ version: '0'
77
+ none: false
78
+ - !ruby/object:Gem::Dependency
79
+ prerelease: false
80
+ name: mocha
81
+ type: :development
82
+ version_requirements: !ruby/object:Gem::Requirement
83
+ requirements:
84
+ - - ! '>='
85
+ - !ruby/object:Gem::Version
86
+ version: '0'
87
+ none: false
88
+ requirement: !ruby/object:Gem::Requirement
89
+ requirements:
90
+ - - ! '>='
91
+ - !ruby/object:Gem::Version
92
+ version: '0'
93
+ none: false
94
+ - !ruby/object:Gem::Dependency
95
+ prerelease: false
96
+ name: rack-test
97
+ type: :development
98
+ version_requirements: !ruby/object:Gem::Requirement
99
+ requirements:
100
+ - - ! '>='
101
+ - !ruby/object:Gem::Version
102
+ version: '0'
103
+ none: false
104
+ requirement: !ruby/object:Gem::Requirement
105
+ requirements:
106
+ - - ! '>='
107
+ - !ruby/object:Gem::Version
108
+ version: '0'
109
+ none: false
110
+ description: Simple middleware for cleaning up possibly bad requests on selected endpoints
111
+ email:
112
+ - gems@shopify.com
113
+ executables: []
114
+ extensions: []
115
+ extra_rdoc_files: []
116
+ files:
117
+ - .gitignore
118
+ - Gemfile
119
+ - LICENSE.txt
120
+ - README.md
121
+ - Rakefile
122
+ - lib/param_sanitizer.rb
123
+ - lib/param_sanitizer/request_sanitizer.rb
124
+ - lib/param_sanitizer/strategies.rb
125
+ - lib/param_sanitizer/strategies/downcase_strategy.rb
126
+ - lib/param_sanitizer/strategies/noop_strategy.rb
127
+ - lib/param_sanitizer/strategies/space_to_dash_strategy.rb
128
+ - lib/param_sanitizer/strategies/strip_path_strategy.rb
129
+ - lib/param_sanitizer/strategies/strip_scheme_strategy.rb
130
+ - lib/param_sanitizer/version.rb
131
+ - param_sanitizer.gemspec
132
+ - test/integration/execute_strategy_test.rb
133
+ - test/integration/test_helper.rb
134
+ - test/test_helper.rb
135
+ - test/unit/request_sanitizer_test.rb
136
+ - test/unit/strategies/downcase_strategy_test.rb
137
+ - test/unit/strategies/space_to_dash_strategy_test.rb
138
+ - test/unit/strategies/strip_path_strategy_test.rb
139
+ - test/unit/strategies/strip_scheme_strategy_test.rb
140
+ - test/unit/test_helper.rb
141
+ homepage: https://github.com/shopify/param_sanitizer
142
+ licenses:
143
+ - MIT
144
+ post_install_message:
145
+ rdoc_options: []
146
+ require_paths:
147
+ - lib
148
+ required_ruby_version: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ! '>='
151
+ - !ruby/object:Gem::Version
152
+ segments:
153
+ - 0
154
+ hash: -2112654682978729289
155
+ version: '0'
156
+ none: false
157
+ required_rubygems_version: !ruby/object:Gem::Requirement
158
+ requirements:
159
+ - - ! '>='
160
+ - !ruby/object:Gem::Version
161
+ segments:
162
+ - 0
163
+ hash: -2112654682978729289
164
+ version: '0'
165
+ none: false
166
+ requirements: []
167
+ rubyforge_project:
168
+ rubygems_version: 1.8.23
169
+ signing_key:
170
+ specification_version: 3
171
+ summary: Simple middleware for cleaning up possibly bad requests on selected endpoints
172
+ test_files:
173
+ - test/integration/execute_strategy_test.rb
174
+ - test/integration/test_helper.rb
175
+ - test/test_helper.rb
176
+ - test/unit/request_sanitizer_test.rb
177
+ - test/unit/strategies/downcase_strategy_test.rb
178
+ - test/unit/strategies/space_to_dash_strategy_test.rb
179
+ - test/unit/strategies/strip_path_strategy_test.rb
180
+ - test/unit/strategies/strip_scheme_strategy_test.rb
181
+ - test/unit/test_helper.rb