private_address_check 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of private_address_check might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/private_address_check.rb +4 -2
- data/lib/private_address_check/version.rb +1 -1
- data/test/private_address_check_test.rb +4 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: da10ec0518f085a1c9241a4b46000fe8dbe59d4f
|
|
4
|
+
data.tar.gz: 59f1569f6f714c8f574a788baa4b0340d9ab3b88
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 71f1ca3c4423b09cdc8b5807b3e29615bde3e449cd3e293e2ee65399e8210f4b44f6b71e71ec220def219875812dd25f163b7778d3f068c8fae59685179ff239
|
|
7
|
+
data.tar.gz: 0d5ee71dac1d33cc70bbebae81a7724da3deb096d658351810cb68a4fd779193402b80aafdc3cef74d2e32c097ce8d24aa3b05997cfeef660c6cad105a54e2f2
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
require "ipaddr"
|
|
2
|
-
require "
|
|
2
|
+
require "socket"
|
|
3
3
|
|
|
4
4
|
require "private_address_check/version"
|
|
5
5
|
|
|
@@ -30,7 +30,9 @@ module PrivateAddressCheck
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def resolves_to_private_address?(hostname)
|
|
33
|
-
ips =
|
|
33
|
+
ips = Socket.getaddrinfo(hostname, nil).map { |info| IPAddr.new(info[3]) }
|
|
34
|
+
return true if ips.empty?
|
|
35
|
+
|
|
34
36
|
ips.any? do |ip|
|
|
35
37
|
private_address?(ip)
|
|
36
38
|
end
|
|
@@ -35,4 +35,8 @@ class PrivateAddressCheckTest < Minitest::Test
|
|
|
35
35
|
def test_private_hostname_for_private_addresses
|
|
36
36
|
assert PrivateAddressCheck.resolves_to_private_address?("localhost")
|
|
37
37
|
end
|
|
38
|
+
|
|
39
|
+
def test_private_address_for_malformed_addresses
|
|
40
|
+
assert PrivateAddressCheck.resolves_to_private_address?("127.1")
|
|
41
|
+
end
|
|
38
42
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: private_address_check
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- John Downey
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-11-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -91,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
91
91
|
version: '0'
|
|
92
92
|
requirements: []
|
|
93
93
|
rubyforge_project:
|
|
94
|
-
rubygems_version: 2.6.
|
|
94
|
+
rubygems_version: 2.6.13
|
|
95
95
|
signing_key:
|
|
96
96
|
specification_version: 4
|
|
97
97
|
summary: Prevent Server Side Request Forgery attacks by checking the destination
|