rack-attack 5.4.2 → 6.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +78 -27
- data/Rakefile +3 -1
- data/lib/rack/attack.rb +138 -149
- data/lib/rack/attack/allow2ban.rb +2 -0
- data/lib/rack/attack/blocklist.rb +3 -1
- data/lib/rack/attack/cache.rb +9 -4
- data/lib/rack/attack/check.rb +5 -2
- data/lib/rack/attack/fail2ban.rb +2 -0
- data/lib/rack/attack/path_normalizer.rb +22 -18
- data/lib/rack/attack/railtie.rb +13 -0
- data/lib/rack/attack/request.rb +2 -0
- data/lib/rack/attack/safelist.rb +3 -1
- data/lib/rack/attack/store_proxy.rb +12 -14
- data/lib/rack/attack/store_proxy/active_support_redis_store_proxy.rb +39 -0
- data/lib/rack/attack/store_proxy/dalli_proxy.rb +27 -13
- data/lib/rack/attack/store_proxy/mem_cache_store_proxy.rb +3 -1
- data/lib/rack/attack/store_proxy/redis_cache_store_proxy.rb +22 -8
- data/lib/rack/attack/store_proxy/redis_proxy.rb +16 -14
- data/lib/rack/attack/store_proxy/redis_store_proxy.rb +5 -5
- data/lib/rack/attack/throttle.rb +12 -8
- data/lib/rack/attack/track.rb +9 -6
- data/lib/rack/attack/version.rb +3 -1
- data/spec/acceptance/allow2ban_spec.rb +2 -0
- data/spec/acceptance/blocking_ip_spec.rb +4 -2
- data/spec/acceptance/blocking_spec.rb +45 -3
- data/spec/acceptance/blocking_subnet_spec.rb +4 -2
- data/spec/acceptance/cache_store_config_for_allow2ban_spec.rb +8 -12
- data/spec/acceptance/cache_store_config_for_fail2ban_spec.rb +8 -12
- data/spec/acceptance/cache_store_config_for_throttle_spec.rb +2 -0
- data/spec/acceptance/cache_store_config_with_rails_spec.rb +2 -0
- data/spec/acceptance/customizing_blocked_response_spec.rb +2 -0
- data/spec/acceptance/customizing_throttled_response_spec.rb +2 -0
- data/spec/acceptance/extending_request_object_spec.rb +2 -0
- data/spec/acceptance/fail2ban_spec.rb +2 -0
- data/spec/acceptance/rails_middleware_spec.rb +35 -0
- data/spec/acceptance/safelisting_ip_spec.rb +4 -2
- data/spec/acceptance/safelisting_spec.rb +57 -3
- data/spec/acceptance/safelisting_subnet_spec.rb +4 -2
- data/spec/acceptance/stores/active_support_dalli_store_spec.rb +2 -0
- data/spec/acceptance/stores/active_support_mem_cache_store_pooled_spec.rb +1 -3
- data/spec/acceptance/stores/active_support_mem_cache_store_spec.rb +2 -0
- data/spec/acceptance/stores/active_support_memory_store_spec.rb +2 -0
- data/spec/acceptance/stores/active_support_redis_cache_store_pooled_spec.rb +9 -1
- data/spec/acceptance/stores/active_support_redis_cache_store_spec.rb +8 -1
- data/spec/acceptance/stores/active_support_redis_store_spec.rb +3 -1
- data/spec/acceptance/stores/connection_pool_dalli_client_spec.rb +5 -3
- data/spec/acceptance/stores/dalli_client_spec.rb +2 -0
- data/spec/acceptance/stores/redis_store_spec.rb +2 -0
- data/spec/acceptance/throttling_spec.rb +7 -5
- data/spec/acceptance/track_spec.rb +5 -3
- data/spec/acceptance/track_throttle_spec.rb +5 -3
- data/spec/allow2ban_spec.rb +20 -15
- data/spec/fail2ban_spec.rb +20 -17
- data/spec/integration/offline_spec.rb +15 -1
- data/spec/rack_attack_dalli_proxy_spec.rb +2 -0
- data/spec/rack_attack_instrumentation_spec.rb +42 -0
- data/spec/rack_attack_path_normalizer_spec.rb +4 -2
- data/spec/rack_attack_request_spec.rb +2 -0
- data/spec/rack_attack_spec.rb +38 -34
- data/spec/rack_attack_throttle_spec.rb +50 -19
- data/spec/rack_attack_track_spec.rb +12 -7
- data/spec/spec_helper.rb +12 -8
- data/spec/support/cache_store_helper.rb +2 -0
- metadata +71 -56
- data/bin/setup +0 -8
- data/lib/rack/attack/store_proxy/mem_cache_proxy.rb +0 -50
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-attack
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 6.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Aaron Suggs
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-12-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -48,16 +48,22 @@ dependencies:
|
|
|
48
48
|
name: bundler
|
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
|
50
50
|
requirements:
|
|
51
|
-
- - "
|
|
51
|
+
- - ">="
|
|
52
52
|
- !ruby/object:Gem::Version
|
|
53
|
-
version: '1.
|
|
53
|
+
version: '1.17'
|
|
54
|
+
- - "<"
|
|
55
|
+
- !ruby/object:Gem::Version
|
|
56
|
+
version: '3.0'
|
|
54
57
|
type: :development
|
|
55
58
|
prerelease: false
|
|
56
59
|
version_requirements: !ruby/object:Gem::Requirement
|
|
57
60
|
requirements:
|
|
58
|
-
- - "
|
|
61
|
+
- - ">="
|
|
62
|
+
- !ruby/object:Gem::Version
|
|
63
|
+
version: '1.17'
|
|
64
|
+
- - "<"
|
|
59
65
|
- !ruby/object:Gem::Version
|
|
60
|
-
version: '
|
|
66
|
+
version: '3.0'
|
|
61
67
|
- !ruby/object:Gem::Dependency
|
|
62
68
|
name: minitest
|
|
63
69
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -106,84 +112,90 @@ dependencies:
|
|
|
106
112
|
requirements:
|
|
107
113
|
- - "~>"
|
|
108
114
|
- !ruby/object:Gem::Version
|
|
109
|
-
version: '
|
|
115
|
+
version: '13.0'
|
|
110
116
|
type: :development
|
|
111
117
|
prerelease: false
|
|
112
118
|
version_requirements: !ruby/object:Gem::Requirement
|
|
113
119
|
requirements:
|
|
114
120
|
- - "~>"
|
|
115
121
|
- !ruby/object:Gem::Version
|
|
116
|
-
version: '
|
|
122
|
+
version: '13.0'
|
|
117
123
|
- !ruby/object:Gem::Dependency
|
|
118
124
|
name: rubocop
|
|
119
125
|
requirement: !ruby/object:Gem::Requirement
|
|
120
126
|
requirements:
|
|
121
127
|
- - '='
|
|
122
128
|
- !ruby/object:Gem::Version
|
|
123
|
-
version: 0.
|
|
129
|
+
version: 0.75.0
|
|
124
130
|
type: :development
|
|
125
131
|
prerelease: false
|
|
126
132
|
version_requirements: !ruby/object:Gem::Requirement
|
|
127
133
|
requirements:
|
|
128
134
|
- - '='
|
|
129
135
|
- !ruby/object:Gem::Version
|
|
130
|
-
version: 0.
|
|
136
|
+
version: 0.75.0
|
|
131
137
|
- !ruby/object:Gem::Dependency
|
|
132
|
-
name:
|
|
138
|
+
name: rubocop-performance
|
|
133
139
|
requirement: !ruby/object:Gem::Requirement
|
|
134
140
|
requirements:
|
|
135
141
|
- - "~>"
|
|
136
142
|
- !ruby/object:Gem::Version
|
|
137
|
-
version:
|
|
143
|
+
version: 1.5.0
|
|
138
144
|
type: :development
|
|
139
145
|
prerelease: false
|
|
140
146
|
version_requirements: !ruby/object:Gem::Requirement
|
|
141
147
|
requirements:
|
|
142
148
|
- - "~>"
|
|
143
149
|
- !ruby/object:Gem::Version
|
|
144
|
-
version:
|
|
150
|
+
version: 1.5.0
|
|
145
151
|
- !ruby/object:Gem::Dependency
|
|
146
|
-
name:
|
|
152
|
+
name: timecop
|
|
147
153
|
requirement: !ruby/object:Gem::Requirement
|
|
148
154
|
requirements:
|
|
149
155
|
- - "~>"
|
|
150
156
|
- !ruby/object:Gem::Version
|
|
151
|
-
version:
|
|
157
|
+
version: 0.9.1
|
|
152
158
|
type: :development
|
|
153
159
|
prerelease: false
|
|
154
160
|
version_requirements: !ruby/object:Gem::Requirement
|
|
155
161
|
requirements:
|
|
156
162
|
- - "~>"
|
|
157
163
|
- !ruby/object:Gem::Version
|
|
158
|
-
version:
|
|
164
|
+
version: 0.9.1
|
|
159
165
|
- !ruby/object:Gem::Dependency
|
|
160
|
-
name:
|
|
166
|
+
name: byebug
|
|
161
167
|
requirement: !ruby/object:Gem::Requirement
|
|
162
168
|
requirements:
|
|
163
169
|
- - "~>"
|
|
164
170
|
- !ruby/object:Gem::Version
|
|
165
|
-
version: '
|
|
171
|
+
version: '11.0'
|
|
166
172
|
type: :development
|
|
167
173
|
prerelease: false
|
|
168
174
|
version_requirements: !ruby/object:Gem::Requirement
|
|
169
175
|
requirements:
|
|
170
176
|
- - "~>"
|
|
171
177
|
- !ruby/object:Gem::Version
|
|
172
|
-
version: '
|
|
178
|
+
version: '11.0'
|
|
173
179
|
- !ruby/object:Gem::Dependency
|
|
174
|
-
name:
|
|
180
|
+
name: railties
|
|
175
181
|
requirement: !ruby/object:Gem::Requirement
|
|
176
182
|
requirements:
|
|
177
|
-
- - "
|
|
183
|
+
- - ">="
|
|
184
|
+
- !ruby/object:Gem::Version
|
|
185
|
+
version: '4.2'
|
|
186
|
+
- - "<"
|
|
178
187
|
- !ruby/object:Gem::Version
|
|
179
|
-
version: '
|
|
188
|
+
version: '6.1'
|
|
180
189
|
type: :development
|
|
181
190
|
prerelease: false
|
|
182
191
|
version_requirements: !ruby/object:Gem::Requirement
|
|
183
192
|
requirements:
|
|
184
|
-
- - "
|
|
193
|
+
- - ">="
|
|
185
194
|
- !ruby/object:Gem::Version
|
|
186
|
-
version: '
|
|
195
|
+
version: '4.2'
|
|
196
|
+
- - "<"
|
|
197
|
+
- !ruby/object:Gem::Version
|
|
198
|
+
version: '6.1'
|
|
187
199
|
description: A rack middleware for throttling and blocking abusive requests
|
|
188
200
|
email: aaron@ktheory.com
|
|
189
201
|
executables: []
|
|
@@ -192,7 +204,6 @@ extra_rdoc_files: []
|
|
|
192
204
|
files:
|
|
193
205
|
- README.md
|
|
194
206
|
- Rakefile
|
|
195
|
-
- bin/setup
|
|
196
207
|
- lib/rack/attack.rb
|
|
197
208
|
- lib/rack/attack/allow2ban.rb
|
|
198
209
|
- lib/rack/attack/blocklist.rb
|
|
@@ -200,11 +211,12 @@ files:
|
|
|
200
211
|
- lib/rack/attack/check.rb
|
|
201
212
|
- lib/rack/attack/fail2ban.rb
|
|
202
213
|
- lib/rack/attack/path_normalizer.rb
|
|
214
|
+
- lib/rack/attack/railtie.rb
|
|
203
215
|
- lib/rack/attack/request.rb
|
|
204
216
|
- lib/rack/attack/safelist.rb
|
|
205
217
|
- lib/rack/attack/store_proxy.rb
|
|
218
|
+
- lib/rack/attack/store_proxy/active_support_redis_store_proxy.rb
|
|
206
219
|
- lib/rack/attack/store_proxy/dalli_proxy.rb
|
|
207
|
-
- lib/rack/attack/store_proxy/mem_cache_proxy.rb
|
|
208
220
|
- lib/rack/attack/store_proxy/mem_cache_store_proxy.rb
|
|
209
221
|
- lib/rack/attack/store_proxy/redis_cache_store_proxy.rb
|
|
210
222
|
- lib/rack/attack/store_proxy/redis_proxy.rb
|
|
@@ -224,6 +236,7 @@ files:
|
|
|
224
236
|
- spec/acceptance/customizing_throttled_response_spec.rb
|
|
225
237
|
- spec/acceptance/extending_request_object_spec.rb
|
|
226
238
|
- spec/acceptance/fail2ban_spec.rb
|
|
239
|
+
- spec/acceptance/rails_middleware_spec.rb
|
|
227
240
|
- spec/acceptance/safelisting_ip_spec.rb
|
|
228
241
|
- spec/acceptance/safelisting_spec.rb
|
|
229
242
|
- spec/acceptance/safelisting_subnet_spec.rb
|
|
@@ -245,6 +258,7 @@ files:
|
|
|
245
258
|
- spec/fail2ban_spec.rb
|
|
246
259
|
- spec/integration/offline_spec.rb
|
|
247
260
|
- spec/rack_attack_dalli_proxy_spec.rb
|
|
261
|
+
- spec/rack_attack_instrumentation_spec.rb
|
|
248
262
|
- spec/rack_attack_path_normalizer_spec.rb
|
|
249
263
|
- spec/rack_attack_request_spec.rb
|
|
250
264
|
- spec/rack_attack_spec.rb
|
|
@@ -268,56 +282,57 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
268
282
|
requirements:
|
|
269
283
|
- - ">="
|
|
270
284
|
- !ruby/object:Gem::Version
|
|
271
|
-
version: '2.
|
|
285
|
+
version: '2.3'
|
|
272
286
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
273
287
|
requirements:
|
|
274
288
|
- - ">="
|
|
275
289
|
- !ruby/object:Gem::Version
|
|
276
290
|
version: '0'
|
|
277
291
|
requirements: []
|
|
278
|
-
|
|
279
|
-
rubygems_version: 2.7.6
|
|
292
|
+
rubygems_version: 3.1.1
|
|
280
293
|
signing_key:
|
|
281
294
|
specification_version: 4
|
|
282
295
|
summary: Block & throttle abusive requests
|
|
283
296
|
test_files:
|
|
297
|
+
- spec/rack_attack_spec.rb
|
|
298
|
+
- spec/fail2ban_spec.rb
|
|
299
|
+
- spec/allow2ban_spec.rb
|
|
300
|
+
- spec/support/cache_store_helper.rb
|
|
301
|
+
- spec/rack_attack_instrumentation_spec.rb
|
|
302
|
+
- spec/rack_attack_throttle_spec.rb
|
|
284
303
|
- spec/integration/offline_spec.rb
|
|
285
|
-
- spec/
|
|
286
|
-
- spec/acceptance/
|
|
304
|
+
- spec/rack_attack_dalli_proxy_spec.rb
|
|
305
|
+
- spec/acceptance/fail2ban_spec.rb
|
|
306
|
+
- spec/acceptance/allow2ban_spec.rb
|
|
307
|
+
- spec/acceptance/rails_middleware_spec.rb
|
|
308
|
+
- spec/acceptance/throttling_spec.rb
|
|
287
309
|
- spec/acceptance/track_throttle_spec.rb
|
|
288
|
-
- spec/acceptance/cache_store_config_for_fail2ban_spec.rb
|
|
289
|
-
- spec/acceptance/cache_store_config_with_rails_spec.rb
|
|
290
|
-
- spec/acceptance/cache_store_config_for_allow2ban_spec.rb
|
|
291
|
-
- spec/acceptance/safelisting_ip_spec.rb
|
|
292
|
-
- spec/acceptance/track_spec.rb
|
|
293
310
|
- spec/acceptance/blocking_subnet_spec.rb
|
|
294
311
|
- spec/acceptance/blocking_ip_spec.rb
|
|
295
|
-
- spec/acceptance/
|
|
296
|
-
- spec/acceptance/
|
|
297
|
-
- spec/acceptance/
|
|
298
|
-
- spec/acceptance/customizing_throttled_response_spec.rb
|
|
312
|
+
- spec/acceptance/cache_store_config_with_rails_spec.rb
|
|
313
|
+
- spec/acceptance/cache_store_config_for_fail2ban_spec.rb
|
|
314
|
+
- spec/acceptance/safelisting_subnet_spec.rb
|
|
299
315
|
- spec/acceptance/extending_request_object_spec.rb
|
|
300
316
|
- spec/acceptance/safelisting_spec.rb
|
|
317
|
+
- spec/acceptance/customizing_throttled_response_spec.rb
|
|
318
|
+
- spec/acceptance/safelisting_ip_spec.rb
|
|
319
|
+
- spec/acceptance/cache_store_config_for_allow2ban_spec.rb
|
|
320
|
+
- spec/acceptance/customizing_blocked_response_spec.rb
|
|
301
321
|
- spec/acceptance/cache_store_config_for_throttle_spec.rb
|
|
302
|
-
- spec/acceptance/
|
|
303
|
-
- spec/acceptance/stores/
|
|
304
|
-
- spec/acceptance/stores/active_support_redis_cache_store_spec.rb
|
|
305
|
-
- spec/acceptance/stores/active_support_memory_store_spec.rb
|
|
306
|
-
- spec/acceptance/stores/active_support_redis_store_spec.rb
|
|
307
|
-
- spec/acceptance/stores/active_support_mem_cache_store_spec.rb
|
|
322
|
+
- spec/acceptance/blocking_spec.rb
|
|
323
|
+
- spec/acceptance/stores/redis_spec.rb
|
|
308
324
|
- spec/acceptance/stores/active_support_redis_cache_store_pooled_spec.rb
|
|
325
|
+
- spec/acceptance/stores/active_support_memory_store_spec.rb
|
|
309
326
|
- spec/acceptance/stores/connection_pool_dalli_client_spec.rb
|
|
327
|
+
- spec/acceptance/stores/active_support_redis_cache_store_spec.rb
|
|
310
328
|
- spec/acceptance/stores/active_support_dalli_store_spec.rb
|
|
311
|
-
- spec/acceptance/stores/
|
|
329
|
+
- spec/acceptance/stores/active_support_mem_cache_store_pooled_spec.rb
|
|
330
|
+
- spec/acceptance/stores/active_support_mem_cache_store_spec.rb
|
|
312
331
|
- spec/acceptance/stores/dalli_client_spec.rb
|
|
313
|
-
- spec/acceptance/stores/
|
|
314
|
-
- spec/acceptance/
|
|
315
|
-
- spec/
|
|
316
|
-
- spec/
|
|
317
|
-
- spec/rack_attack_dalli_proxy_spec.rb
|
|
318
|
-
- spec/rack_attack_spec.rb
|
|
319
|
-
- spec/rack_attack_throttle_spec.rb
|
|
332
|
+
- spec/acceptance/stores/redis_store_spec.rb
|
|
333
|
+
- spec/acceptance/stores/active_support_redis_store_spec.rb
|
|
334
|
+
- spec/acceptance/track_spec.rb
|
|
335
|
+
- spec/rack_attack_path_normalizer_spec.rb
|
|
320
336
|
- spec/rack_attack_request_spec.rb
|
|
321
|
-
- spec/fail2ban_spec.rb
|
|
322
337
|
- spec/rack_attack_track_spec.rb
|
|
323
|
-
- spec/
|
|
338
|
+
- spec/spec_helper.rb
|
data/bin/setup
DELETED
|
@@ -1,50 +0,0 @@
|
|
|
1
|
-
module Rack
|
|
2
|
-
class Attack
|
|
3
|
-
module StoreProxy
|
|
4
|
-
class MemCacheProxy < SimpleDelegator
|
|
5
|
-
def self.handle?(store)
|
|
6
|
-
defined?(::MemCache) && store.is_a?(::MemCache)
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
def initialize(store)
|
|
10
|
-
super(store)
|
|
11
|
-
stub_with_if_missing
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
def read(key)
|
|
15
|
-
# Second argument: reading raw value
|
|
16
|
-
get(key, true)
|
|
17
|
-
rescue MemCache::MemCacheError
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def write(key, value, options = {})
|
|
21
|
-
# Third argument: writing raw value
|
|
22
|
-
set(key, value, options.fetch(:expires_in, 0), true)
|
|
23
|
-
rescue MemCache::MemCacheError
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def increment(key, amount, _options = {})
|
|
27
|
-
incr(key, amount)
|
|
28
|
-
rescue MemCache::MemCacheError
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
def delete(key, _options = {})
|
|
32
|
-
with do |client|
|
|
33
|
-
client.delete(key)
|
|
34
|
-
end
|
|
35
|
-
rescue MemCache::MemCacheError
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
private
|
|
39
|
-
|
|
40
|
-
def stub_with_if_missing
|
|
41
|
-
unless __getobj__.respond_to?(:with)
|
|
42
|
-
class << self
|
|
43
|
-
def with; yield __getobj__; end
|
|
44
|
-
end
|
|
45
|
-
end
|
|
46
|
-
end
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
end
|
|
50
|
-
end
|