rack-attack 0.1.0 → 0.2.0


Potentially problematic release.



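--- a/data/README.md
+++ b/data/README.md
@@ -82,7 +82,11 @@ Note that `req` is a [Rack::Request](http://rack.rubyforge.org/doc/classes/Rack/
  Customize the response of throttled requests using an object that adheres to the [Rack app interface](http://rack.rubyforge.org/doc/SPEC.html).
 
  Rack:Attack.throttled_response = lambda do |env|
- env['rack.attack.throttled'] # name and other data about the matched throttle
+ # name and other data about the matched throttle
+ env['rack.attack.matched']
+ env['rack.attack.match_type']
+ env['rack.attack.match_data']
+
  [ 503, {}, ['Throttled']]
  end
 
@@ -97,9 +101,9 @@ Similarly for blacklisted responses:
 
  Rack::Attack uses the [ActiveSupport::Notifications](http://api.rubyonrails.org/classes/ActiveSupport/Notifications.html) API if available.
 
- You can subscribe to 'rack.attack.{blacklist,throttle,whitelist}' events and log it, graph it, etc:
+ You can subscribe to 'rack.attack' events and log it, graph it, etc:
 
- ActiveSupport::Notifications.subscribe('rack.attack.blacklist') do |name, start, finish, request_id, req|
+ ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, request_id, req|
  puts req.inspect
  end
 
@@ -120,3 +124,9 @@ Rack::Attack complements `iptables` and nginx's [limit_zone module](http://wiki.
  Thanks to [Kickstarter](https://github.com/kickstarter) for sponsoring Rack::Attack development
 
  [![Travis CI](https://secure.travis-ci.org/ktheory/rack-attack.png)](http://travis-ci.org/ktheory/rack-attack)
+
+ ## License
+
+ Copyright (c) 2012 Kickstarter, Inc
+
+ Released under an (MIT License](http://opensource.org/licenses/MIT)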
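--- a/data/lib/rack/attack.rb
+++ b/data/lib/rack/attack.rb
@@ -34,7 +34,7 @@ module Rack::Attack
  @notifier ||= ActiveSupport::Notifications if defined?(ActiveSupport::Notifications)
  @blacklisted_response ||= lambda {|env| [503, {}, ['Blocked']] }
  @throttled_response ||= lambda {|env|
- retry_after = env['rack.attack.matched'][:period] rescue nil
+ retry_after = env['rack.attack.match_data'][:period] rescue nil
  [503, {'Retry-After' => retry_after}, ['Retry later']]
  }
 
@@ -75,8 +75,8 @@ module Rack::Attack
  end
  end
 
- def instrument(type, payload)
- notifier.instrument("rack.attack.#{type}", payload) if notifier
+ def instrument(req)
+ notifier.instrument('rack.attack', req) if notifier
  end
 
  def clear!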
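Review bot: The default `@throttled_response` lambda in the first hunk still emits a `Retry-After` header whose value is an Integer, or `nil` when `rack.attack.match_data` is absent, while the Rack SPEC requires header values to be Strings; the `rescue nil` modifier also hides any other error raised while reading the env. Building the headers conditionally avoids both: `period = (env['rack.attack.match_data'] || {})[:period]` followed by `headers = period ? {'Retry-After' => period.to_s} : {}`. The spec assertion `last_response.headers['Retry-After'].must_equal 1` would then need to expect `'1'`. The enclosing module body starts and ends outside the hunk.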
@@ -10,8 +10,9 @@ module Rack
10
10
  def [](req)
11
11
  block[req].tap {|match|
12
12
  if match
13
- req.env["rack.attack.matched"] = {type => name}
14
- Rack::Attack.instrument(type, req)
13
+ req.env["rack.attack.matched"] = name
14
+ req.env["rack.attack.match_type"] = type
15
+ Rack::Attack.instrument(req)
15
16
  end
16
17
  }
17
18
  end
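Review bot: Every match kind now publishes under the single `'rack.attack'` event, so a subscriber registered for `'rack.attack.blacklist'` stops receiving events without any error, and a new subscriber sees whitelist matches alongside blocks unless it checks `req.env['rack.attack.match_type']`. A comment above the `Rack::Attack.instrument(req)` call would make that contract explicit, e.g. `# Subscribers must branch on env['rack.attack.match_type'] (:whitelist, :blacklist or :throttle); the event name no longer carries it.` `rack.attack.match_data` is set only in the throttle hunk that follows, so log and alert consumers should treat it as optional. The enclosing class starts outside the hunk.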
@@ -23,8 +23,10 @@ module Rack
23
23
  count = cache.count(key, period)
24
24
  (count > limit).tap do |throttled|
25
25
  if throttled
26
- req.env['rack.attack.matched'] = {:throttle => name, :count => count, :period => period, :limit => limit}
27
- Rack::Attack.instrument(:throttle, req)
26
+ req.env['rack.attack.matched'] = name
27
+ req.env['rack.attack.match_type'] = :throttle
28
+ req.env['rack.attack.match_data'] = {:count => count, :period => period, :limit => limit}
29
+ Rack::Attack.instrument(req)
28
30
  end
29
31
  end
30
32
  end
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module Attack
3
- VERSION = '0.1.0'
3
+ VERSION = '0.2.0'
4
4
  end
5
5
  end
@@ -37,7 +37,8 @@ describe 'Rack::Attack' do
37
37
  last_response.status.must_equal 503
38
38
  end
39
39
  it "should tag the env" do
40
- last_request.env['rack.attack.matched'].must_equal({:blacklist => "ip #{@bad_ip}"})
40
+ last_request.env['rack.attack.matched'].must_equal "ip #{@bad_ip}"
41
+ last_request.env['rack.attack.match_type'].must_equal :blacklist
41
42
  end
42
43
 
43
44
  allow_ok_requests
@@ -57,7 +58,8 @@ describe 'Rack::Attack' do
57
58
  last_response.status.must_equal 200
58
59
  end
59
60
  it "should tag the env" do
60
- last_request.env['rack.attack.matched'].must_equal({:whitelist => 'good ua'})
61
+ last_request.env['rack.attack.matched'].must_equal 'good ua'
62
+ last_request.env['rack.attack.match_type'].must_equal :whitelist
61
63
  end
62
64
  end
63
65
  end
@@ -86,7 +88,9 @@ describe 'Rack::Attack' do
86
88
  last_response.status.must_equal 503
87
89
  end
88
90
  it 'should tag the env' do
89
- last_request.env['rack.attack.matched'].must_equal({:throttle => 'ip/sec', :count => 2, :limit => 1, :period => 1})
91
+ last_request.env['rack.attack.matched'].must_equal 'ip/sec'
92
+ last_request.env['rack.attack.match_type'].must_equal :throttle
93
+ last_request.env['rack.attack.match_data'].must_equal({:count => 2, :limit => 1, :period => 1})
90
94
  end
91
95
  it 'should set a Retry-After header' do
92
96
  last_response.headers['Retry-After'].must_equal 1
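--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: rack-attack
  version: !ruby/object:Gem::Version
- version: 0.1.0
+ version: 0.2.0
  prerelease:
  platform: ruby
  authors:
@@ -121,7 +121,6 @@ files:
  - lib/rack/attack/whitelist.rb
  - lib/rack/attack.rb
  - Rakefile
- - LICENSE
  - README.md
  - spec/rack_attack_spec.rb
  - spec/spec_helper.rb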
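--- a/data/LICENSE
+++ b/data/LICENSE
@@ -1,20 +0,0 @@
- Copyright (c) 2012 Aaron Suggs
-
- Permission is hereby granted, free of charge, to any person obtaining
- a copy of this software and associated documentation files (the
- "Software"), to deal in the Software without restriction, including
- without limitation the rights to use, copy, modify, merge, publish,
- distribute, sublicense, and/or sell copies of the Software, and to
- permit persons to whom the Software is furnished to do so, subject to
- the following conditions:
-
- The above copyright notice and this permission notice shall be
- included in all copies or substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
- LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
- OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
- WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.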