rack-attack 5.0.0.beta1 → 5.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +28 -7
- data/lib/rack/attack/version.rb +1 -1
- data/spec/integration/offline_spec.rb +1 -1
- data/spec/rack_attack_throttle_spec.rb +22 -0
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ef73037a3db9840b433aeb5a0d185f95edeef9be
|
|
4
|
+
data.tar.gz: 98bbf2ea7bbad24f423ff21bf2da4ce4a4f13fc9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0c796ea400d3425a0111f16d78efc883113f1fd2a3f55ba624c089978b39235f4851ffe2b546da7b1fe4fce181eea3cff9644185dbb36c373ce22bff3011ddd3
|
|
7
|
+
data.tar.gz: a89e8d96ba25124d062d6da2665827d85773876705310a364a6cc74c90e1349c3d5efed63065846770ffd1c0c537fd0a9756539c6d77f8473653c4d7e20f5940
|
data/README.md
CHANGED
|
@@ -230,19 +230,40 @@ Rack::Attack.blocklisted_response = lambda do |env|
|
|
|
230
230
|
end
|
|
231
231
|
|
|
232
232
|
Rack::Attack.throttled_response = lambda do |env|
|
|
233
|
-
# name and other data about the matched throttle
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
env['rack.attack.match_data']
|
|
238
|
-
].inspect
|
|
233
|
+
# NB: you have access to the name and other data about the matched throttle
|
|
234
|
+
# env['rack.attack.matched'],
|
|
235
|
+
# env['rack.attack.match_type'],
|
|
236
|
+
# env['rack.attack.match_data']
|
|
239
237
|
|
|
240
238
|
# Using 503 because it may make attacker think that they have successfully
|
|
241
239
|
# DOSed the site. Rack::Attack returns 429 for throttling by default
|
|
242
|
-
[ 503, {}, [
|
|
240
|
+
[ 503, {}, ["Server Error\n"]]
|
|
243
241
|
end
|
|
244
242
|
```
|
|
245
243
|
|
|
244
|
+
### X-RateLimit headers for well-behaved clients
|
|
245
|
+
|
|
246
|
+
While Rack::Attack's primary focus is minimizing harm from abusive clients, it
|
|
247
|
+
can also be used to return rate limit data that's helpful for well-behaved clients.
|
|
248
|
+
|
|
249
|
+
Here's an example response that includes conventional `X-RateLimit-*` headers:
|
|
250
|
+
|
|
251
|
+
```ruby
|
|
252
|
+
Rack::Attack.throttled_response = lambda do |env|
|
|
253
|
+
now = Time.now
|
|
254
|
+
match_data = env['rack.attack.match_data']
|
|
255
|
+
|
|
256
|
+
headers = {
|
|
257
|
+
'X-RateLimit-Limit' => match_data[:limit].to_s,
|
|
258
|
+
'X-RateLimit-Remaining' => '0',
|
|
259
|
+
'X-RateLimit-Reset' => (now + (match_data[:period] - now.to_i % match_data[:period])).to_s
|
|
260
|
+
}
|
|
261
|
+
|
|
262
|
+
[ 429, headers, ["Throttled\n"]]
|
|
263
|
+
end
|
|
264
|
+
```
|
|
265
|
+
|
|
266
|
+
|
|
246
267
|
For responses that did not exceed a throttle limit, Rack::Attack annotates the env with match data:
|
|
247
268
|
|
|
248
269
|
```ruby
|
data/lib/rack/attack/version.rb
CHANGED
|
@@ -85,3 +85,25 @@ describe 'Rack::Attack.throttle with period as proc' do
|
|
|
85
85
|
end
|
|
86
86
|
end
|
|
87
87
|
end
|
|
88
|
+
|
|
89
|
+
describe 'Rack::Attack.throttle with block retuning nil' do
|
|
90
|
+
before do
|
|
91
|
+
@period = 60
|
|
92
|
+
Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new
|
|
93
|
+
Rack::Attack.throttle('ip/sec', :limit => 1, :period => @period) { |_| nil }
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
allow_ok_requests
|
|
97
|
+
|
|
98
|
+
describe 'a single request' do
|
|
99
|
+
before { get '/', {}, 'REMOTE_ADDR' => '1.2.3.4' }
|
|
100
|
+
it 'should not set the counter' do
|
|
101
|
+
key = "rack::attack:#{Time.now.to_i/@period}:ip/sec:1.2.3.4"
|
|
102
|
+
Rack::Attack.cache.store.read(key).must_equal nil
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
it 'should not populate throttle data' do
|
|
106
|
+
last_request.env['rack.attack.throttle_data'].must_equal nil
|
|
107
|
+
end
|
|
108
|
+
end
|
|
109
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-attack
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.0.0
|
|
4
|
+
version: 5.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Aaron Suggs
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-08-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -215,9 +215,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
215
215
|
version: 2.0.0
|
|
216
216
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
217
217
|
requirements:
|
|
218
|
-
- - "
|
|
218
|
+
- - ">="
|
|
219
219
|
- !ruby/object:Gem::Version
|
|
220
|
-
version:
|
|
220
|
+
version: '0'
|
|
221
221
|
requirements: []
|
|
222
222
|
rubyforge_project:
|
|
223
223
|
rubygems_version: 2.5.1
|