rack-attack 1.3.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of rack-attack might be problematic.

data/README.md CHANGED
@@ -83,7 +83,11 @@ Note that `req` is a [Rack::Request](http://rack.rubyforge.org/doc/classes/Rack/
83
83
 
84
84
  ## Responses
85
85
 
86
- Customize the response of throttled requests using an object that adheres to the [Rack app interface](http://rack.rubyforge.org/doc/SPEC.html).
86
+ Customize the response of blacklisted and throttled requests using an object that adheres to the [Rack app interface](http://rack.rubyforge.org/doc/SPEC.html).
87
+
88
+ Rack:Attack.blacklisted_response = lambda do |env|
89
+ [ 503, {}, ['Blocked']]
90
+ end
87
91
 
88
92
  Rack:Attack.throttled_response = lambda do |env|
89
93
  # name and other data about the matched throttle
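Review bot: The added example on new line 88 writes `Rack:Attack.blacklisted_response` with a single colon, and the unchanged `Rack:Attack.throttled_response` on new line 92 has the same slip. Ruby's namespace operator is `::`, so a reader who pastes either snippet into an initializer will not get the intended assignment. Change both to `Rack::Attack.blacklisted_response` and `Rack::Attack.throttled_response` while this section is being edited.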
@@ -96,16 +100,9 @@ Customize the response of throttled requests using an object that adheres to the
96
100
  [ 503, {}, [body]]
97
101
  end
98
102
 
99
- Similarly for blacklisted responses:
100
-
101
- Rack:Attack.blacklisted_response = lambda do |env|
102
- [ 503, {}, ['Blocked']]
103
- end
104
-
105
- For responses that did not exceed a throttle limit, Rack::Attack annotates the environment with match data.
106
- For example, in out `reqs/ip` throttle above, a matching request would have:
103
+ For responses that did not exceed a throttle limit, Rack::Attack annotates the env with match data:
107
104
 
108
- request.env['rack.attack.throttle_data']['req/ip'] # => { :period => 1, :limit => 5, :count => n }
105
+ request.env['rack.attack.throttle_data'][name] # => { :count => n, :period => p, :limit => l }
109
106
 
110
107
  ## Logging & Instrumentation
111
108
 
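Review bot: The replacement sentence on new line 103 still says "responses that did not exceed a throttle limit", but the data is attached to the request env, so "requests" is the word that matches the example. The new example on line 105 also uses `name`, `p` and `l` without defining them, whereas the removed text tied the lookup to a specific throttle and showed concrete values. Add one line saying that `name` is the name the throttle was registered under, or keep one concrete instance next to the generic form.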
@@ -9,11 +9,13 @@ module Rack
9
9
  end
10
10
 
11
11
  def count(unprefixed_key, period)
12
- key = "#{prefix}:#{Time.now.to_i/period}:#{unprefixed_key}"
13
- result = store.increment(key, 1)
12
+ epoch_time = Time.now.to_i
13
+ expires_in = period - (epoch_time % period)
14
+ key = "#{prefix}:#{epoch_time/period}:#{unprefixed_key}"
15
+ result = store.increment(key, 1, :expires_in => expires_in)
14
16
  # NB: Some stores return nil when incrementing uninitialized values
15
17
  if result.nil?
16
- store.write(key, 1)
18
+ store.write(key, 1, :expires_in => expires_in)
17
19
  end
18
20
  result || 1
19
21
  end
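Review bot: The `if result.nil?` fallback is still a separate `store.write(key, 1, :expires_in => expires_in)` issued after the failed `increment`, so two requests that both get nil at the start of a window each write 1 and the counter undercounts. That loosens the throttle on exactly the stores the NB comment describes. Where the store offers an atomic add-if-absent, use it and then retry `increment`; otherwise document the limitation. A short comment on `expires_in = period - (epoch_time % period)` stating that the key is meant to expire at the end of the current window would also help the next reader.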
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module Attack
3
- VERSION = '1.3.0'
3
+ VERSION = '1.3.1'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-attack
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.3.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-08-08 00:00:00.000000000 Z
12
+ date: 2012-08-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack
@@ -145,7 +145,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
145
145
  version: '0'
146
146
  requirements: []
147
147
  rubyforge_project:
148
- rubygems_version: 1.8.24
148
+ rubygems_version: 1.8.23
149
149
  signing_key:
150
150
  specification_version: 3
151
151
  summary: Block & throttle abusive requests
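Review bot: `rubygems_version` goes backwards in this hunk, from 1.8.24 to 1.8.23, which means 1.3.1 was packaged with an older RubyGems than 1.3.0 even though the release dates are one day apart. `signing_key:` is empty and `cert_chain: []` is shown in the earlier metadata hunk, so the gem carries nothing that ties it to a particular build environment. Build releases from one pinned toolchain and record it, so that a change like this one is explainable from the release notes.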