perimeter_x 1.0.5 → 1.0.6.pre.alpha
- checksums.yaml +4 -4
- data/.gitignore +3 -5
- data/Dockerfile +3 -5
- data/Gemfile +1 -1
- data/Gemfile.lock +2 -44
- data/LICENSE.txt +12 -9
- data/Rakefile +2 -9
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/changelog.md +0 -16
- data/examples/home_controller.rb.dist +23 -0
- data/examples/{config/routes.rb → routes.rb} +0 -0
- data/lib/perimeter_x.rb +33 -109
- data/lib/perimeterx/configuration.rb +17 -24
- data/lib/perimeterx/internal/perimeter_x_context.rb +53 -74
- data/lib/perimeterx/internal/perimeter_x_risk_client.rb +29 -0
- data/lib/perimeterx/internal/perimeter_x_s2s_validator.rb +67 -0
- data/lib/perimeterx/utils/px_http_client.rb +26 -47
- data/lib/perimeterx/utils/px_logger.rb +6 -12
- data/lib/perimeterx/version.rb +2 -2
- data/perimeter_x.gemspec +1 -6
- data/readme.md +34 -218
- metadata +11 -90
- data/examples/app/controllers/home_controller.rb +0 -9
- data/examples/app/views/home/index.html.erb.dist +0 -20
- data/examples/config/initializers/perimeterx.rb.dist +0 -8
- data/lib/perimeterx/internal/clients/perimeter_x_activity_client.rb +0 -92
- data/lib/perimeterx/internal/clients/perimeter_x_risk_client.rb +0 -28
- data/lib/perimeterx/internal/exceptions/px_cookie_decryption_exception.rb +0 -5
- data/lib/perimeterx/internal/perimeter_x_cookie.rb +0 -140
- data/lib/perimeterx/internal/perimeter_x_cookie_v1.rb +0 -42
- data/lib/perimeterx/internal/perimeter_x_cookie_v3.rb +0 -37
- data/lib/perimeterx/internal/validators/perimeter_x_captcha_validator.rb +0 -65
- data/lib/perimeterx/internal/validators/perimeter_x_cookie_validator.rb +0 -70
- data/lib/perimeterx/internal/validators/perimeter_x_s2s_validator.rb +0 -114
- data/lib/perimeterx/utils/px_constants.rb +0 -44
- data/lib/perimeterx/utils/px_template_factory.rb +0 -31
- data/lib/perimeterx/utils/templates/block.mustache +0 -146
- data/lib/perimeterx/utils/templates/captcha.mustache +0 -185
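--- a/data/lib/perimeterx/internal/perimeter_x_s2s_validator.rb
+++ b/data/lib/perimeterx/internal/perimeter_x_s2s_validator.rb
@@ -0,0 +1,67 @@
+require 'perimeterx/internal/perimeter_x_risk_client'
+
+class PerimeterxS2SValidator < PerimeterxRiskClient
+
+attr_accessor :risk_mode
+attr_accessor :response
+
+def initialize(px_ctx, px_config, http_client)
+L.info("PerimeterxS2SValidator: initialize")
+@px_ctx = px_ctx
+@px_config = px_config
+@http_client = http_client
+end
+
+def send_risk_request
+L.info("PerimeterxS2SValidator[send_risk_request]: send_risk_request")
+request_body = {
+'request' => {
+'ip' => @px_ctx.context[:ip],
+'headers' => format_headers(),
+'url' => @px_ctx.context[:full_url]
+},
+'additional' => {
+'s2s_call_reason' => @px_ctx.context[:s2s_call_reason],
+'module_version' => @px_config["sdk_name"],
+'http_method' => @px_ctx.context[:http_method],
+'http_version' => @px_ctx.context[:http_version],
+}
+}
+
+headers = {
+"Authorization" => "Bearer #{@px_config['auth_token']}" ,
+"Content-Type" => "application/json"
+};
+
+return @http_client.post("/api/v2/risk", request_body, headers)
+end
+
+def verify
+L.info("PerimeterxS2SValidator[verify]: started")
+response = send_risk_request()
+if (!response)
+return @px_ctx
+end
+@px_ctx.context[:made_s2s_risk_api_call] = true
+response_body = eval(response.content);
+# When success
+if (response.status == 200 && response_body.key?(:score) && response_body.key?(:action))
+L.info("PerimeterxS2SValidator[verify]: response ok")
+score = response_body[:score]
+@px_ctx.context[:score] = score
+@px_ctx.context[:uuid] = response_body[:uuid]
+@px_ctx.context[:block_action] = response_body[:action]
+end #end success response
+
+# When error
+if(response.status != 200)
+L.warn("PerimeterxS2SValidator[verify]: bad response, return code #{response.code}")
+@px_ctx.context[:uuid] = ""
+@px_ctx.context[:s2s_error_msg] = response_body[:message]
+end
+
+L.info("PerimeterxS2SValidator[verify]: done")
+return @px_ctx
+end #end method
+
+end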
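Review bot: `response_body = eval(response.content);` in `verify` executes the risk API's response body as Ruby, so whoever controls or can tamper with that response runs code inside the host application. Parse it as data instead: `response_body = JSON.parse(response.content, symbolize_names: true)` (with `require 'json'`), rescuing `JSON::ParserError` and returning `@px_ctx` as the no-response branch does. `symbolize_names: true` keeps the existing `key?(:score)` and `[:action]` lookups working. Separately, the warn line interpolates `response.code` while both conditions test `response.status`; use one accessor.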
@@ -1,55 +1,34 @@
|
|
1
1
|
require "perimeterx/utils/px_logger"
|
2
2
|
require "httpclient"
|
3
3
|
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
4
|
+
class PxHttpClient
|
5
|
+
L = PxLogger.instance
|
6
|
+
attr_accessor :px_config
|
7
|
+
attr_accessor :BASE_URL
|
8
|
+
attr_accessor :http_client
|
9
9
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
end
|
16
|
-
|
17
|
-
def post(path, body, headers, api_timeout = 0, timeoute = 0)
|
18
|
-
s = Time.now
|
19
|
-
begin
|
20
|
-
@logger.debug("PxHttpClient[post]: posting to #{path} headers {#{headers.to_json()}} body: {#{body.to_json()}} ")
|
21
|
-
response = @http_client.post(path,
|
22
|
-
:header => headers,
|
23
|
-
:body => body.to_json(),
|
24
|
-
:timeout => api_timeout
|
25
|
-
)
|
26
|
-
rescue Net::OpenTimeout, Net::ReadTimeout => error
|
27
|
-
@logger.warn("PerimeterxS2SValidator[verify]: request timedout")
|
28
|
-
return false
|
29
|
-
end
|
30
|
-
e = Time.now
|
31
|
-
@logger.debug("PxHttpClient[post]: runtime: #{e-s}")
|
32
|
-
return response
|
33
|
-
end
|
10
|
+
def initialize(px_config)
|
11
|
+
L.info("PxHttpClient[initialize]: HTTP client is being initilized with base_uri: #{px_config['perimeterx_server_host']}")
|
12
|
+
@px_config = px_config
|
13
|
+
@http_client = HTTPClient.new(:base_url => px_config['perimeterx_server_host'])
|
14
|
+
end
|
34
15
|
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
return false
|
48
|
-
end
|
49
|
-
e = Time.now
|
50
|
-
@logger.debug("PxHttpClient[post]: runtime: #{e-s}")
|
51
|
-
return response
|
16
|
+
def post(path, body, headers, connection_timeout = 0, timeoute = 0)
|
17
|
+
s = Time.now
|
18
|
+
begin
|
19
|
+
L.info("PxHttpClient[post]: posting to #{path} headers {#{headers.to_json()}} body: {#{body.to_json()}} ")
|
20
|
+
response = @http_client.post(path,
|
21
|
+
:header => headers,
|
22
|
+
:body => body.to_json(),
|
23
|
+
:timeout => @px_config['api_timeout']
|
24
|
+
)
|
25
|
+
rescue Net::OpenTimeout, Net::ReadTimeout => error
|
26
|
+
L.warn("PerimeterxS2SValidator[verify]: request timedout")
|
27
|
+
return false
|
52
28
|
end
|
53
|
-
|
29
|
+
e = Time.now
|
30
|
+
L.info("PxHttpClient[post]: runtime: #{e-s}")
|
31
|
+
return response
|
54
32
|
end
|
33
|
+
|
55
34
|
end
|
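Review bot: The `L.info` line at the top of `post` logs `headers.to_json()` and the full body, and the S2S validator on this page passes `"Authorization" => "Bearer #{@px_config['auth_token']}"` in those headers, so the API token lands in the application log on every risk call. Log the path only, or redact the header first, e.g. `L.debug("PxHttpClient[post]: posting to #{path}")`. The `connection_timeout` and `timeoute` parameters are never read, and the rescue names `Net::OpenTimeout`/`Net::ReadTimeout` although the httpclient gem reports timeouts through its own `HTTPClient::TimeoutError` family, so confirm a slow risk API actually reaches the `return false` path.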
@@ -1,17 +1,11 @@
|
|
1
1
|
require 'logger'
|
2
|
-
module PxModule
|
3
2
|
|
4
|
-
|
5
|
-
|
6
|
-
def initialize(debug)
|
7
|
-
if debug
|
8
|
-
super(STDOUT)
|
9
|
-
else
|
10
|
-
super(nil)
|
11
|
-
end
|
12
|
-
|
13
|
-
end
|
3
|
+
class PxLogger
|
4
|
+
@@instance = Logger.new(STDOUT)
|
14
5
|
|
6
|
+
def self.instance
|
7
|
+
return @@instance
|
15
8
|
end
|
16
|
-
|
9
|
+
|
10
|
+
private_class_method :new
|
17
11
|
end
|
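Review bot: `@@instance = Logger.new(STDOUT)` sends every SDK log line to STDOUT with no level set, and the removed `initialize(debug)` was the only switch that turned logging off. Because `PxHttpClient#post` on this page now logs request headers and bodies at info level, a host application has no way to keep that output out of its logs. Set a conservative default such as `@@instance.level = Logger::WARN` and let configuration lower it. A class-level instance variable (`@instance`) would also avoid sharing `@@instance` across any subclasses.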
data/lib/perimeterx/version.rb
CHANGED
@@ -1,3 +1,3 @@
|
|
1
|
-
module
|
2
|
-
VERSION = '1.0.
|
1
|
+
module PerimeterX
|
2
|
+
VERSION = '1.0.6-alpha'
|
3
3
|
end
|
data/perimeter_x.gemspec
CHANGED
@@ -9,7 +9,7 @@ Gem::Specification.new do |gem|
|
|
9
9
|
gem.description = "PerimeterX ruby module to monitor and block traffic according to PerimeterX risk score"
|
10
10
|
gem.licenses = ['MIT']
|
11
11
|
gem.homepage = "https://www.perimeterx.com"
|
12
|
-
gem.version =
|
12
|
+
gem.version = PerimeterX::VERSION
|
13
13
|
|
14
14
|
gem.authors = ["Nitzan Goldfeder"]
|
15
15
|
gem.email = "nitzan@perimeterx.com"
|
@@ -31,9 +31,4 @@ Gem::Specification.new do |gem|
|
|
31
31
|
gem.required_ruby_version = '>= 2.3'
|
32
32
|
|
33
33
|
gem.add_dependency('httpclient', '2.8.2.4')
|
34
|
-
gem.add_dependency('mustache', '~> 1.0', '>= 1.0.3')
|
35
|
-
gem.add_dependency('activesupport', '>= 4.2.0')
|
36
|
-
|
37
|
-
gem.add_development_dependency 'rspec', '~> 3.0'
|
38
|
-
gem.add_development_dependency 'mocha', '~> 1.2', '>= 1.2.1'
|
39
34
|
end
|
data/readme.md
CHANGED
@@ -10,20 +10,6 @@ Table of Contents
|
|
10
10
|
* [Installation](#installation)
|
11
11
|
* [Basic Usage Example](#basic-usage)
|
12
12
|
- [Configuration](#configuration)
|
13
|
-
* [Configuring Required Parameters](#requireied-params)
|
14
|
-
* [Blocking Score](#blocking-score)
|
15
|
-
* [Custom Block Page](#custom-block-page)
|
16
|
-
* [Custom Block Action](#custom-block-action)
|
17
|
-
* [Enable/Disable Captcha](#captcha-support)
|
18
|
-
* [Extracting Real IP Address](#real-ip)
|
19
|
-
* [Custom URI](#custom-uri)
|
20
|
-
* [Filter Sensitive Headers](#sensitive-headers)
|
21
|
-
* [API Timeouts](#api-timeout)
|
22
|
-
* [Send Page Activities](#send-page-activities)
|
23
|
-
* [Additional Page Activity Handler](#additional-page-activity-handler)
|
24
|
-
* [Monitor Only](#logging)
|
25
|
-
* [Debug Mode](#debug-mode)
|
26
|
-
- [Contributing](#contributing)
|
27
13
|
|
28
14
|
<a name="Usage"></a>
|
29
15
|
<a name="dependencies"></a> Dependencies
|
@@ -31,87 +17,66 @@ Table of Contents
|
|
31
17
|
|
32
18
|
- Ruby version 2.3+
|
33
19
|
- Rails version 4.2
|
34
|
-
- [
|
35
|
-
- [mustache](https://rubygems.org/gems/mustache)
|
20
|
+
- [httparty](https://github.com/jnunemaker/httparty)
|
36
21
|
|
37
22
|
<a name="installation"></a> Installation
|
38
23
|
----------------------------------------
|
39
|
-
Install it through command line ```gem install perimeter_x```
|
24
|
+
Install it through command line ```gem install perimeter_x --pre```
|
25
|
+
Or add it in Gemfile ```gem 'perimeter_x', '~> 1.0.4.pre.alpha'```
|
40
26
|
|
41
27
|
|
42
28
|
<a name=basic-usage></a> Basic Usage Example
|
43
29
|
----------------------------------------
|
30
|
+
On the Rails controller include the PerimeterX SDK via the before_action which will call your defined middleware function. This function is a wrapper for the px_verify method which takes a request and processes it. The verify method can return true if verified, or false if not verified.
|
44
31
|
|
45
|
-
|
46
|
-
Create a configuration file at `<rails_app>/config/initializers/perimeterx.rb` and initialize PerimeterX instance on the rails application startup
|
47
|
-
```ruby
|
48
|
-
params = {
|
49
|
-
:app_id => "APP_ID",
|
50
|
-
:cookie_key => "COOKIE_KEY",
|
51
|
-
:auth_token => "AUTH_TOKEN"
|
52
|
-
}
|
32
|
+
The default condition is to always return true for monitoring mode.
|
53
33
|
|
54
|
-
PxModule.configure(params)
|
55
34
|
```
|
56
|
-
|
57
|
-
On the Rails controller include the PerimeterX SDK via the before_action and call PerimterX middleware function.
|
58
|
-
|
59
|
-
```ruby
|
60
35
|
class HomeController < ApplicationController
|
61
|
-
include
|
62
|
-
|
63
|
-
before_filter :px_verify_request
|
36
|
+
include PerimeterX
|
37
|
+
attr_accessor :px
|
64
38
|
...
|
65
39
|
...
|
66
|
-
|
67
|
-
```
|
68
|
-
|
69
|
-
<a name="configuration"></a> Configuration options
|
70
|
-
----------------------------------------
|
71
|
-
<a name="requireied-params"></a>**Configuring Required Parameters**
|
72
|
-
Configuration options are set on the ``params`` variable on the initializer file.
|
73
|
-
|
74
|
-
- ``app_id``
|
75
|
-
- ``cookie_key``
|
76
|
-
- ``auth_token``
|
77
|
-
|
78
|
-
All parameters are obtainable via the PerimeterX Portal. (Applications and Policies pages)
|
79
|
-
|
80
|
-
<a name="blocking-score"></a>**Changing the Minimum Score for Blocking**
|
81
|
-
|
82
|
-
>Note: Default blocking value: 70
|
83
|
-
|
84
|
-
```ruby
|
85
|
-
params = {
|
40
|
+
before_action :px_middleware
|
86
41
|
...
|
87
|
-
:blocking_score => 100
|
88
42
|
...
|
89
|
-
|
43
|
+
initialize()
|
44
|
+
configuration = {
|
45
|
+
"app_id" => <APP_ID>
|
46
|
+
"auth_token" => <AUTH_TOKEN>
|
47
|
+
}
|
48
|
+
@px = PxModule.instance(params)
|
49
|
+
end
|
50
|
+
...
|
51
|
+
...
|
52
|
+
def px_middleware
|
53
|
+
px.px_verify(request.env)
|
54
|
+
end
|
90
55
|
```
|
91
56
|
|
57
|
+
<a name="configuration"></a> Configuration
|
58
|
+
----------------------------------------
|
92
59
|
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
A custom verification handler is being executed inside ``px_verify_request`` instead of the the default behavior and allows a user to use a custom action based on the risk score returned by PerimeterX.
|
60
|
+
** Custom Verification Handler **
|
61
|
+
A custom verification handler replaces the default handle_verification method and allows you to take a custom action based on the risk score returned by PerimeterX.
|
97
62
|
|
98
63
|
When implemented, this method receives a hash variable as input which represents data from the PerimeterX context of the request (px_ctx).
|
99
64
|
|
100
|
-
- `px_ctx[:score] ` contains the risk score
|
101
|
-
- `px_ctx[:uuid] ` contains the request UUID
|
102
|
-
|
103
|
-
>> Note: to determine whether to return a captcha/block page (HTML) or block JSON payload a reference key on the context will be available: ```px_ctx.context[:format]```
|
65
|
+
- `px_ctx[:score] ` contains the risk score
|
66
|
+
- `px_ctx[:uuid] ` contains the request UUID
|
104
67
|
|
105
68
|
To replace the default verification behavior, add the configuration a lambda member as shown in the example below.
|
106
69
|
|
107
70
|
The method must return boolen value.
|
108
71
|
|
72
|
+
|
73
|
+
|
109
74
|
```ruby
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
if px_ctx
|
75
|
+
configuration = {
|
76
|
+
"app_id" => <APP_ID>,
|
77
|
+
"auth_token" => <AUTH_TOKEN>,
|
78
|
+
"custom_verification_handler" => -> (px_ctx) {
|
79
|
+
if px_ctx[:score] >= 60
|
115
80
|
# take your action and retun a message or JSON with a status code of 403 and option UUID of the request. Can return false and include action in the px_middleware method.
|
116
81
|
end
|
117
82
|
return true
|
@@ -119,33 +84,7 @@ params = {
|
|
119
84
|
}
|
120
85
|
```
|
121
86
|
|
122
|
-
**
|
123
|
-
### Serving a Custom HTML Page ###
|
124
|
-
```ruby
|
125
|
-
|
126
|
-
params[:custom_block_handler] = -> (px_ctx)
|
127
|
-
{
|
128
|
-
block_score = px_ctx.context[:score];
|
129
|
-
block_uuid = px_ctx.context[:uuid];
|
130
|
-
full_url = px_ctx.context[:full_url];
|
131
|
-
|
132
|
-
html = "<html>
|
133
|
-
<body>
|
134
|
-
<div>Access to #{full_url} has been blocked.</div>
|
135
|
-
<div>Block reference - #{block_uuid} </div>
|
136
|
-
<div>Block score - #{block_score} </div>
|
137
|
-
</body>
|
138
|
-
</html>".html_safe
|
139
|
-
response.headers["Content-Type"] = "text/html"
|
140
|
-
response.status = 403
|
141
|
-
render :html => html
|
142
|
-
return false
|
143
|
-
};
|
144
|
-
|
145
|
-
PxModule.configure(params)
|
146
|
-
```
|
147
|
-
|
148
|
-
<a name="real-ip"></a>** Custom User IP **
|
87
|
+
** Custom User IP **
|
149
88
|
|
150
89
|
> Note: IP extraction, according to your network setup, is very important. It is common to have a load balancer/proxy on top of your applications, in which case the PerimeterX module will send the system's internal IP as the user's. In order to properly perform processing and detection on server-to-server calls, PerimeterX module needs the real user's IP.
|
151
90
|
|
@@ -172,126 +111,3 @@ configuration = {
|
|
172
111
|
}
|
173
112
|
}
|
174
113
|
```
|
175
|
-
<a name="custom-block-page"></a>**Customizing Default Block Pages**
|
176
|
-
|
177
|
-
Adding a custom logo to the blocking page is by providing the `params` a key `custom_logo` , the logo will be displayed at the top div of the the block page The logo's `max-heigh` property would be `150px` and width would be set to `auto`
|
178
|
-
|
179
|
-
The key custom_logo expects a valid URL address such as https://s.perimeterx.net/logo.png
|
180
|
-
|
181
|
-
```ruby
|
182
|
-
params = [
|
183
|
-
:app_id => 'APP_ID',
|
184
|
-
:cookie_key => 'COOKIE_SECRET',
|
185
|
-
:auth_token => 'AUTH_TOKEN',
|
186
|
-
:custom_logo => 'LOGO_URL'
|
187
|
-
];
|
188
|
-
```
|
189
|
-
|
190
|
-
**Custom JS/CSS**
|
191
|
-
The block page can be modified with a custom CSS by adding to the `params` the key `css_ref` and providing a valid URL to the css In addition there is also the option to add a custom JS file by adding `js_ref` key to the pxConfig and providing the JS file that will be loaded with the block page, this key also expects a valid URL
|
192
|
-
|
193
|
-
```ruby
|
194
|
-
params = [
|
195
|
-
:app_id => 'APP_ID',
|
196
|
-
:cookie_key => 'COOKIE_SECRET',
|
197
|
-
:auth_token => 'AUTH_TOKEN',
|
198
|
-
:css_ref => 'CSS',
|
199
|
-
:js_ref => 'JS'
|
200
|
-
];
|
201
|
-
```
|
202
|
-
> Note: Custom logo/js/css can be added together
|
203
|
-
|
204
|
-
<a name="logging"></a>**No Blocking, Monitor Only**
|
205
|
-
Default mode: PxModule::ACTIVE_MODE
|
206
|
-
|
207
|
-
- PxModule::ACTIVE_MODE - Module blocks users crossing the predefined block threshold. Server-to-server requests are sent synchronously.
|
208
|
-
|
209
|
-
- PxModule::$MONITOR_MODE - Module does not block users crossing the predefined block threshold. The `custom_block_handler` function will be eval'd in case one is supplied, upon crossing the defined block threshold.
|
210
|
-
|
211
|
-
```ruby
|
212
|
-
params[:module_mode] = PxModule::MONITOR_MODE
|
213
|
-
```
|
214
|
-
|
215
|
-
<a name="captcha-support"></a>**Enable/Disable CAPTCHA on the block page**
|
216
|
-
Default mode: enabled
|
217
|
-
|
218
|
-
By enabling CAPTCHA support, a CAPTCHA will be served as part of the block page, giving real users the ability to identify as a human. By solving the CAPTCHA, the user's score is then cleaned up and the user is allowed to continue normal use.
|
219
|
-
|
220
|
-
```ruby
|
221
|
-
params[:captcha_enabled] = false
|
222
|
-
```
|
223
|
-
|
224
|
-
<a name="custom-uri"></a>**Custom URI**
|
225
|
-
|
226
|
-
Default: 'REQUEST_URI'
|
227
|
-
|
228
|
-
The URI can be returned to the PerimeterX module, using a custom user function, defined on the ``params`` variable
|
229
|
-
|
230
|
-
```ruby
|
231
|
-
params[:custom_uri] = -> (request) {
|
232
|
-
return request.headers['HTTP_X_CUSTOM_URI']
|
233
|
-
}
|
234
|
-
```
|
235
|
-
|
236
|
-
<a name="sensitive-headers"></a>**Filter sensitive headers**
|
237
|
-
A list of sensitive headers can be configured to prevent specific headers from being sent to PerimeterX servers (lower case header names). Filtering cookie headers for privacy is set by default, and can be overridden on the `params` variable.
|
238
|
-
|
239
|
-
Default: cookie, cookies
|
240
|
-
|
241
|
-
```ruby
|
242
|
-
params[:sensitive_headers] = ['cookie', 'cookies', 'secret-header']
|
243
|
-
|
244
|
-
```
|
245
|
-
|
246
|
-
<a name="api-timeout"></a>**API Timeouts**
|
247
|
-
>Note: Controls the timeouts for PerimeterX requests. The API is called when a Risk Cookie does not exist, or is expired or invalid
|
248
|
-
|
249
|
-
The API Timeout, in seconds (int), to wait for the PerimeterX server API response.
|
250
|
-
|
251
|
-
Default: 1
|
252
|
-
|
253
|
-
```ruby
|
254
|
-
params[:api_timeout] = 4
|
255
|
-
```
|
256
|
-
|
257
|
-
<a name="send-page-activities"></a>**Send Page Activities**
|
258
|
-
Default: true
|
259
|
-
A boolean flag to enable or disable sending of activities and metrics to PerimeterX on each page request. Enabling this feature will provide data that populates the PerimeterX portal with valuable information, such as the amount of requests blocked and additional API usage statistics.
|
260
|
-
|
261
|
-
```ruby
|
262
|
-
params[:send_page_activities] = false
|
263
|
-
```
|
264
|
-
|
265
|
-
<a name="additional-page-activity-handler"></a>**Additional Page Activity Handler**
|
266
|
-
|
267
|
-
Adding an additional activity handler is done by setting `additional_activity_handler` with a user defined function on the `params` variable. The `additional_activity_handler` function will be executed before sending the data to the PerimeterX portal.
|
268
|
-
|
269
|
-
Default: Only send activity to PerimeterX as controlled by `params`.
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
```ruby
|
274
|
-
params[:additional_activity_handler] = -> (activity_type, px_ctx, details){
|
275
|
-
// user defined logic comes here
|
276
|
-
};
|
277
|
-
```
|
278
|
-
|
279
|
-
<a name="debug-mode"></a>**Debug Mode**
|
280
|
-
Default: false
|
281
|
-
|
282
|
-
Enables debug logging mode to STDOUT
|
283
|
-
```ruby
|
284
|
-
params[:debug] = true
|
285
|
-
```
|
286
|
-
|
287
|
-
<a name="contributing"></a># Contributing #
|
288
|
-
------------------------------
|
289
|
-
The following steps are welcome when contributing to our project.
|
290
|
-
###Fork/Clone
|
291
|
-
First and foremost, [Create a fork](https://guides.github.com/activities/forking/) of the repository, and clone it locally.
|
292
|
-
Create a branch on your fork, preferably using a self descriptive branch name.
|
293
|
-
|
294
|
-
###Code/Run
|
295
|
-
Help improve our project by implementing missing features, adding capabilities or fixing bugs.
|
296
|
-
|
297
|
-
To run the code, simply follow the steps in the [installation guide](#installation). Grab the keys from the PerimeterX Portal, and try refreshing your page several times continously. If no default behaviours have been overriden, you should see the PerimeterX block page. Solve the CAPTCHA to clean yourself and start fresh again.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: perimeter_x
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.6.pre.alpha
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nitzan Goldfeder
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-03-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -52,74 +52,6 @@ dependencies:
|
|
52
52
|
- - '='
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: 2.8.2.4
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: mustache
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - "~>"
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '1.0'
|
62
|
-
- - ">="
|
63
|
-
- !ruby/object:Gem::Version
|
64
|
-
version: 1.0.3
|
65
|
-
type: :runtime
|
66
|
-
prerelease: false
|
67
|
-
version_requirements: !ruby/object:Gem::Requirement
|
68
|
-
requirements:
|
69
|
-
- - "~>"
|
70
|
-
- !ruby/object:Gem::Version
|
71
|
-
version: '1.0'
|
72
|
-
- - ">="
|
73
|
-
- !ruby/object:Gem::Version
|
74
|
-
version: 1.0.3
|
75
|
-
- !ruby/object:Gem::Dependency
|
76
|
-
name: activesupport
|
77
|
-
requirement: !ruby/object:Gem::Requirement
|
78
|
-
requirements:
|
79
|
-
- - ">="
|
80
|
-
- !ruby/object:Gem::Version
|
81
|
-
version: 4.2.0
|
82
|
-
type: :runtime
|
83
|
-
prerelease: false
|
84
|
-
version_requirements: !ruby/object:Gem::Requirement
|
85
|
-
requirements:
|
86
|
-
- - ">="
|
87
|
-
- !ruby/object:Gem::Version
|
88
|
-
version: 4.2.0
|
89
|
-
- !ruby/object:Gem::Dependency
|
90
|
-
name: rspec
|
91
|
-
requirement: !ruby/object:Gem::Requirement
|
92
|
-
requirements:
|
93
|
-
- - "~>"
|
94
|
-
- !ruby/object:Gem::Version
|
95
|
-
version: '3.0'
|
96
|
-
type: :development
|
97
|
-
prerelease: false
|
98
|
-
version_requirements: !ruby/object:Gem::Requirement
|
99
|
-
requirements:
|
100
|
-
- - "~>"
|
101
|
-
- !ruby/object:Gem::Version
|
102
|
-
version: '3.0'
|
103
|
-
- !ruby/object:Gem::Dependency
|
104
|
-
name: mocha
|
105
|
-
requirement: !ruby/object:Gem::Requirement
|
106
|
-
requirements:
|
107
|
-
- - "~>"
|
108
|
-
- !ruby/object:Gem::Version
|
109
|
-
version: '1.2'
|
110
|
-
- - ">="
|
111
|
-
- !ruby/object:Gem::Version
|
112
|
-
version: 1.2.1
|
113
|
-
type: :development
|
114
|
-
prerelease: false
|
115
|
-
version_requirements: !ruby/object:Gem::Requirement
|
116
|
-
requirements:
|
117
|
-
- - "~>"
|
118
|
-
- !ruby/object:Gem::Version
|
119
|
-
version: '1.2'
|
120
|
-
- - ">="
|
121
|
-
- !ruby/object:Gem::Version
|
122
|
-
version: 1.2.1
|
123
55
|
description: PerimeterX ruby module to monitor and block traffic according to PerimeterX
|
124
56
|
risk score
|
125
57
|
email: nitzan@perimeterx.com
|
@@ -135,29 +67,18 @@ files:
|
|
135
67
|
- Gemfile.lock
|
136
68
|
- LICENSE.txt
|
137
69
|
- Rakefile
|
70
|
+
- bin/console
|
71
|
+
- bin/setup
|
138
72
|
- changelog.md
|
139
|
-
- examples/
|
140
|
-
- examples/
|
141
|
-
- examples/config/initializers/perimeterx.rb.dist
|
142
|
-
- examples/config/routes.rb
|
73
|
+
- examples/home_controller.rb.dist
|
74
|
+
- examples/routes.rb
|
143
75
|
- lib/perimeter_x.rb
|
144
76
|
- lib/perimeterx/configuration.rb
|
145
|
-
- lib/perimeterx/internal/clients/perimeter_x_activity_client.rb
|
146
|
-
- lib/perimeterx/internal/clients/perimeter_x_risk_client.rb
|
147
|
-
- lib/perimeterx/internal/exceptions/px_cookie_decryption_exception.rb
|
148
77
|
- lib/perimeterx/internal/perimeter_x_context.rb
|
149
|
-
- lib/perimeterx/internal/
|
150
|
-
- lib/perimeterx/internal/
|
151
|
-
- lib/perimeterx/internal/perimeter_x_cookie_v3.rb
|
152
|
-
- lib/perimeterx/internal/validators/perimeter_x_captcha_validator.rb
|
153
|
-
- lib/perimeterx/internal/validators/perimeter_x_cookie_validator.rb
|
154
|
-
- lib/perimeterx/internal/validators/perimeter_x_s2s_validator.rb
|
155
|
-
- lib/perimeterx/utils/px_constants.rb
|
78
|
+
- lib/perimeterx/internal/perimeter_x_risk_client.rb
|
79
|
+
- lib/perimeterx/internal/perimeter_x_s2s_validator.rb
|
156
80
|
- lib/perimeterx/utils/px_http_client.rb
|
157
81
|
- lib/perimeterx/utils/px_logger.rb
|
158
|
-
- lib/perimeterx/utils/px_template_factory.rb
|
159
|
-
- lib/perimeterx/utils/templates/block.mustache
|
160
|
-
- lib/perimeterx/utils/templates/captcha.mustache
|
161
82
|
- lib/perimeterx/version.rb
|
162
83
|
- perimeter_x.gemspec
|
163
84
|
- readme.md
|
@@ -180,12 +101,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
180
101
|
version: '2.3'
|
181
102
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
182
103
|
requirements:
|
183
|
-
- - "
|
104
|
+
- - ">"
|
184
105
|
- !ruby/object:Gem::Version
|
185
|
-
version:
|
106
|
+
version: 1.3.1
|
186
107
|
requirements: []
|
187
108
|
rubyforge_project:
|
188
|
-
rubygems_version: 2.6
|
109
|
+
rubygems_version: 2.4.6
|
189
110
|
signing_key:
|
190
111
|
specification_version: 4
|
191
112
|
summary: PerimeterX ruby implmentation
|
@@ -1,20 +0,0 @@
|
|
1
|
-
<h1>Home#index</h1>
|
2
|
-
<p>Find me in app/views/home/index.html.erb</p>
|
3
|
-
|
4
|
-
<script type="text/javascript">
|
5
|
-
(function(){
|
6
|
-
window._pxAppId ='APP_ID';
|
7
|
-
// Custom parameters
|
8
|
-
// window._pxParam1 = "<param1>";
|
9
|
-
var p = document.getElementsByTagName('script')[0],
|
10
|
-
s = document.createElement('script');
|
11
|
-
s.async = 1;
|
12
|
-
s.src = '//client.perimeterx.net/APP_ID/main.min.js';
|
13
|
-
p.parentNode.insertBefore(s,p);
|
14
|
-
}());
|
15
|
-
</script>
|
16
|
-
<noscript>
|
17
|
-
<div style="position:fixed; top:0; left:0; display:none" width="1" height="1">
|
18
|
-
<img src="//collector-APP_ID.perimeterx.net/api/v1/collector/noScript.gif?appId=APP_ID">
|
19
|
-
</div>
|
20
|
-
</noscript>
|