rack-attack 4.3.1 → 5.4.2
- checksums.yaml +5 -5
- data/README.md +230 -113
- data/Rakefile +11 -3
- data/bin/setup +8 -0
- data/lib/rack/attack.rb +121 -48
- data/lib/rack/attack/allow2ban.rb +2 -1
- data/lib/rack/attack/{whitelist.rb → blocklist.rb} +2 -3
- data/lib/rack/attack/cache.rb +24 -5
- data/lib/rack/attack/check.rb +6 -8
- data/lib/rack/attack/fail2ban.rb +3 -2
- data/lib/rack/attack/path_normalizer.rb +6 -11
- data/lib/rack/attack/request.rb +1 -1
- data/lib/rack/attack/{blacklist.rb → safelist.rb} +2 -4
- data/lib/rack/attack/store_proxy.rb +13 -12
- data/lib/rack/attack/store_proxy/dalli_proxy.rb +2 -3
- data/lib/rack/attack/store_proxy/mem_cache_proxy.rb +50 -0
- data/lib/rack/attack/store_proxy/mem_cache_store_proxy.rb +19 -0
- data/lib/rack/attack/store_proxy/redis_cache_store_proxy.rb +35 -0
- data/lib/rack/attack/store_proxy/redis_proxy.rb +54 -0
- data/lib/rack/attack/store_proxy/redis_store_proxy.rb +5 -24
- data/lib/rack/attack/throttle.rb +16 -12
- data/lib/rack/attack/track.rb +3 -3
- data/lib/rack/attack/version.rb +1 -1
- data/spec/acceptance/allow2ban_spec.rb +71 -0
- data/spec/acceptance/blocking_ip_spec.rb +38 -0
- data/spec/acceptance/blocking_spec.rb +41 -0
- data/spec/acceptance/blocking_subnet_spec.rb +44 -0
- data/spec/acceptance/cache_store_config_for_allow2ban_spec.rb +126 -0
- data/spec/acceptance/cache_store_config_for_fail2ban_spec.rb +121 -0
- data/spec/acceptance/cache_store_config_for_throttle_spec.rb +48 -0
- data/spec/acceptance/cache_store_config_with_rails_spec.rb +31 -0
- data/spec/acceptance/customizing_blocked_response_spec.rb +41 -0
- data/spec/acceptance/customizing_throttled_response_spec.rb +59 -0
- data/spec/acceptance/extending_request_object_spec.rb +34 -0
- data/spec/acceptance/fail2ban_spec.rb +76 -0
- data/spec/acceptance/safelisting_ip_spec.rb +48 -0
- data/spec/acceptance/safelisting_spec.rb +53 -0
- data/spec/acceptance/safelisting_subnet_spec.rb +48 -0
- data/spec/acceptance/stores/active_support_dalli_store_spec.rb +19 -0
- data/spec/acceptance/stores/active_support_mem_cache_store_pooled_spec.rb +22 -0
- data/spec/acceptance/stores/active_support_mem_cache_store_spec.rb +18 -0
- data/spec/acceptance/stores/active_support_memory_store_spec.rb +16 -0
- data/spec/acceptance/stores/active_support_redis_cache_store_pooled_spec.rb +18 -0
- data/spec/acceptance/stores/active_support_redis_cache_store_spec.rb +18 -0
- data/spec/acceptance/stores/active_support_redis_store_spec.rb +18 -0
- data/spec/acceptance/stores/connection_pool_dalli_client_spec.rb +22 -0
- data/spec/acceptance/stores/dalli_client_spec.rb +19 -0
- data/spec/acceptance/stores/redis_spec.rb +20 -0
- data/spec/acceptance/stores/redis_store_spec.rb +18 -0
- data/spec/acceptance/throttling_spec.rb +159 -0
- data/spec/acceptance/track_spec.rb +27 -0
- data/spec/acceptance/track_throttle_spec.rb +53 -0
- data/spec/allow2ban_spec.rb +10 -9
- data/spec/fail2ban_spec.rb +12 -10
- data/spec/integration/offline_spec.rb +21 -23
- data/spec/rack_attack_dalli_proxy_spec.rb +0 -2
- data/spec/rack_attack_request_spec.rb +2 -2
- data/spec/rack_attack_spec.rb +53 -18
- data/spec/rack_attack_throttle_spec.rb +45 -13
- data/spec/rack_attack_track_spec.rb +11 -8
- data/spec/spec_helper.rb +35 -14
- data/spec/support/cache_store_helper.rb +82 -0
- metadata +161 -61
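--- a/data/spec/integration/rack_attack_cache_spec.rb
+++ b/data/spec/integration/rack_attack_cache_spec.rb
@@ -1,119 +0,0 @@
-require_relative '../spec_helper'
-
-describe Rack::Attack::Cache do
-
-# A convenience method for deleting a key from cache.
-# Slightly differnet than @cache.delete, which adds a prefix.
-def delete(key)
-if @cache.store.respond_to?(:delete)
-@cache.store.delete(key)
-else
-@cache.store.del(key)
-end
-end
-
-def sleep_until_expired
-sleep(@expires_in * 1.1) # Add 10% to reduce errors
-end
-
-require 'active_support/cache/dalli_store'
-require 'active_support/cache/redis_store'
-require 'connection_pool'
-cache_stores = [
-ActiveSupport::Cache::MemoryStore.new,
-ActiveSupport::Cache::DalliStore.new("127.0.0.1"),
-ActiveSupport::Cache::RedisStore.new("127.0.0.1"),
-Dalli::Client.new,
-ConnectionPool.new { Dalli::Client.new },
-Redis::Store.new
-]
-
-cache_stores.each do |store|
-store = Rack::Attack::StoreProxy.build(store)
-describe "with #{store.class}" do
-
-before {
-@cache = Rack::Attack::Cache.new
-@key = "rack::attack:cache-test-key"
-@expires_in = 1
-@cache.store = store
-delete(@key)
-}
-
-after { delete(@key) }
-
-describe "do_count once" do
-it "should be 1" do
-@cache.send(:do_count, @key, @expires_in).must_equal 1
-end
-end
-
-describe "do_count twice" do
-it "must be 2" do
-@cache.send(:do_count, @key, @expires_in)
-@cache.send(:do_count, @key, @expires_in).must_equal 2
-end
-end
-describe "do_count after expires_in" do
-it "must be 1" do
-@cache.send(:do_count, @key, @expires_in)
-sleep_until_expired
-@cache.send(:do_count, @key, @expires_in).must_equal 1
-end
-end
-
-describe "write" do
-it "should write a value to the store with prefix" do
-@cache.write("cache-test-key", "foobar", 1)
-store.read(@key).must_equal "foobar"
-end
-end
-
-describe "write after expiry" do
-it "must not have a value" do
-@cache.write("cache-test-key", "foobar", @expires_in)
-sleep_until_expired
-store.read(@key).must_be :nil?
-end
-end
-
-describe "read" do
-it "must read the value with a prefix" do
-store.write(@key, "foobar", :expires_in => @expires_in)
-@cache.read("cache-test-key").must_equal "foobar"
-end
-end
-
-describe "delete" do
-it "must delete the value" do
-store.write(@key, "foobar", :expires_in => @expires_in)
-@cache.read('cache-test-key').must_equal "foobar"
-store.delete(@key)
-@cache.read('cache-test-key').must_equal nil
-end
-end
-
-describe "cache#delete" do
-it "must delete the value" do
-@cache.write("cache-test-key", "foobar", 1)
-store.read(@key).must_equal "foobar"
-@cache.delete('cache-test-key')
-store.read(@key).must_be :nil?
-end
-end
-
-describe "reset_count" do
-it "must delete the value" do
-period = 1.minute
-unprefixed_key = 'cache-test-key'
-@cache.count(unprefixed_key, period)
-period_key, _ = @cache.send(:key_and_expiry, 'cache-test-key', period)
-store.read(period_key).to_i.must_equal 1
-@cache.reset_count(unprefixed_key, period)
-store.read(period_key).must_equal nil
-end
-end
-end
-
-end
-end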