rack-attack 5.4.1 → 5.4.2
- checksums.yaml +4 -4
- data/lib/rack/attack/cache.rb +1 -1
- data/lib/rack/attack/store_proxy/redis_cache_store_proxy.rb +1 -1
- data/lib/rack/attack/version.rb +1 -1
- data/spec/acceptance/cache_store_config_for_allow2ban_spec.rb +42 -27
- data/spec/acceptance/cache_store_config_for_fail2ban_spec.rb +30 -17
- data/spec/acceptance/stores/active_support_redis_cache_store_pooled_spec.rb +1 -1
- data/spec/acceptance/stores/active_support_redis_cache_store_spec.rb +1 -1
- metadata +3 -3
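--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e666812691cc414692f7125979f0b152a9111ccee075e65b811fa4a6d8770daa
+data.tar.gz: 3e8caba79f7ad09d4999cce6358de9cc29b815dee3c9f9c5adbf12763c764656
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f630c0cd1a34bd588e616653a2e6795e2ec6baafc0e0df8b489e6aa451cf47fb64065447fb3ceb2b029a51d87a0393d6d44cea02e58423626ea46165531f7da3
+data.tar.gz: 22efc414db06b0a1bbbf8e6d34a3e0d0ead64f1832f48dc30af7ec0a374ef215d53cacf0a8e95c842bff0af84df0939f27820e4668c739eb8db3c51ebba4088e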
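--- a/data/lib/rack/attack/cache.rb
+++ b/data/lib/rack/attack/cache.rb
@@ -71,7 +71,7 @@ module Rack
 
 def enforce_store_method_presence!(method_name)
 if !store.respond_to?(method_name)
-raise Rack::Attack::MisconfiguredStoreError, "
+raise Rack::Attack::MisconfiguredStoreError, "Configured store #{store.class.name} doesn't respond to ##{method_name} method"
 end
 end
 end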
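Review bot: `store.class.name` in the new message on line 74 is `nil` for an anonymous class, so a store built with a bare `Class.new` produces "Configured store  doesn't respond to …" with the class missing from the text. Interpolating the class itself reads the same for named classes and still identifies anonymous ones: `raise Rack::Attack::MisconfiguredStoreError, "Configured store #{store.class} doesn't respond to ##{method_name} method"`. The removed line is truncated on this page, so the previous wording cannot be compared. A short comment above `enforce_store_method_presence!` stating that it raises `MisconfiguredStoreError` when the configured store lacks the named method would document the contract for anyone writing a custom store.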
@@ -5,7 +5,7 @@ module Rack
|
|
5
5
|
module StoreProxy
|
6
6
|
class RedisCacheStoreProxy < SimpleDelegator
|
7
7
|
def self.handle?(store)
|
8
|
-
|
8
|
+
store.class.name == "ActiveSupport::Cache::RedisCacheStore"
|
9
9
|
end
|
10
10
|
|
11
11
|
def increment(name, amount = 1, options = {})
|
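Review bot: `handle?` on line 8 matches only the exact class name, so a subclass of `ActiveSupport::Cache::RedisCacheStore` or a wrapper around one is not picked up by this proxy. Such a store would presumably go to whatever handling comes next, which may not give throttle counters the same increment and expiry behaviour. The removed line is empty on this page, so the reason for comparing names is not visible. If the aim is to avoid referencing the constant when it is not loaded, record that in a comment, e.g. `# Compare by name so the constant need not be loaded; subclasses are intentionally not matched`. `increment` starts on line 11 and continues outside the hunk.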
data/lib/rack/attack/version.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
require_relative "../spec_helper"
|
2
|
+
require "minitest/stub_const"
|
2
3
|
|
3
4
|
describe "Cache store config when using allow2ban" do
|
4
5
|
before do
|
@@ -16,7 +17,9 @@ describe "Cache store config when using allow2ban" do
|
|
16
17
|
end
|
17
18
|
|
18
19
|
it "gives semantic error if store is missing #read method" do
|
19
|
-
|
20
|
+
raised_exception = nil
|
21
|
+
|
22
|
+
fake_store_class = Class.new do
|
20
23
|
def write(key, value)
|
21
24
|
end
|
22
25
|
|
@@ -24,17 +27,21 @@ describe "Cache store config when using allow2ban" do
|
|
24
27
|
end
|
25
28
|
end
|
26
29
|
|
27
|
-
|
30
|
+
Object.stub_const(:FakeStore, fake_store_class) do
|
31
|
+
Rack::Attack.cache.store = FakeStore.new
|
28
32
|
|
29
|
-
|
30
|
-
|
33
|
+
raised_exception = assert_raises(Rack::Attack::MisconfiguredStoreError) do
|
34
|
+
get "/scarce-resource"
|
35
|
+
end
|
31
36
|
end
|
32
37
|
|
33
|
-
assert_equal "
|
38
|
+
assert_equal "Configured store FakeStore doesn't respond to #read method", raised_exception.message
|
34
39
|
end
|
35
40
|
|
36
41
|
it "gives semantic error if store is missing #write method" do
|
37
|
-
|
42
|
+
raised_exception = nil
|
43
|
+
|
44
|
+
fake_store_class = Class.new do
|
38
45
|
def read(key)
|
39
46
|
end
|
40
47
|
|
@@ -42,17 +49,21 @@ describe "Cache store config when using allow2ban" do
|
|
42
49
|
end
|
43
50
|
end
|
44
51
|
|
45
|
-
|
52
|
+
Object.stub_const(:FakeStore, fake_store_class) do
|
53
|
+
Rack::Attack.cache.store = FakeStore.new
|
46
54
|
|
47
|
-
|
48
|
-
|
55
|
+
raised_exception = assert_raises(Rack::Attack::MisconfiguredStoreError) do
|
56
|
+
get "/scarce-resource"
|
57
|
+
end
|
49
58
|
end
|
50
59
|
|
51
|
-
assert_equal "
|
60
|
+
assert_equal "Configured store FakeStore doesn't respond to #write method", raised_exception.message
|
52
61
|
end
|
53
62
|
|
54
63
|
it "gives semantic error if store is missing #increment method" do
|
55
|
-
|
64
|
+
raised_exception = nil
|
65
|
+
|
66
|
+
fake_store_class = Class.new do
|
56
67
|
def read(key)
|
57
68
|
end
|
58
69
|
|
@@ -60,17 +71,19 @@ describe "Cache store config when using allow2ban" do
|
|
60
71
|
end
|
61
72
|
end
|
62
73
|
|
63
|
-
|
74
|
+
Object.stub_const(:FakeStore, fake_store_class) do
|
75
|
+
Rack::Attack.cache.store = FakeStore.new
|
64
76
|
|
65
|
-
|
66
|
-
|
77
|
+
raised_exception = assert_raises(Rack::Attack::MisconfiguredStoreError) do
|
78
|
+
get "/scarce-resource"
|
79
|
+
end
|
67
80
|
end
|
68
81
|
|
69
|
-
assert_equal "
|
82
|
+
assert_equal "Configured store FakeStore doesn't respond to #increment method", raised_exception.message
|
70
83
|
end
|
71
84
|
|
72
85
|
it "works with any object that responds to #read, #write and #increment" do
|
73
|
-
|
86
|
+
fake_store_class = Class.new do
|
74
87
|
attr_accessor :backend
|
75
88
|
|
76
89
|
def initialize
|
@@ -91,21 +104,23 @@ describe "Cache store config when using allow2ban" do
|
|
91
104
|
end
|
92
105
|
end
|
93
106
|
|
94
|
-
|
107
|
+
Object.stub_const(:FakeStore, fake_store_class) do
|
108
|
+
Rack::Attack.cache.store = FakeStore.new
|
95
109
|
|
96
|
-
|
97
|
-
|
110
|
+
get "/"
|
111
|
+
assert_equal 200, last_response.status
|
98
112
|
|
99
|
-
|
100
|
-
|
113
|
+
get "/scarce-resource"
|
114
|
+
assert_equal 200, last_response.status
|
101
115
|
|
102
|
-
|
103
|
-
|
116
|
+
get "/scarce-resource"
|
117
|
+
assert_equal 200, last_response.status
|
104
118
|
|
105
|
-
|
106
|
-
|
119
|
+
get "/scarce-resource"
|
120
|
+
assert_equal 403, last_response.status
|
107
121
|
|
108
|
-
|
109
|
-
|
122
|
+
get "/"
|
123
|
+
assert_equal 403, last_response.status
|
124
|
+
end
|
110
125
|
end
|
111
126
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
require_relative "../spec_helper"
|
2
|
+
require "minitest/stub_const"
|
2
3
|
|
3
4
|
describe "Cache store config when using fail2ban" do
|
4
5
|
before do
|
@@ -16,7 +17,9 @@ describe "Cache store config when using fail2ban" do
|
|
16
17
|
end
|
17
18
|
|
18
19
|
it "gives semantic error if store is missing #read method" do
|
19
|
-
|
20
|
+
raised_exception = nil
|
21
|
+
|
22
|
+
fake_store_class = Class.new do
|
20
23
|
def write(key, value)
|
21
24
|
end
|
22
25
|
|
@@ -24,17 +27,21 @@ describe "Cache store config when using fail2ban" do
|
|
24
27
|
end
|
25
28
|
end
|
26
29
|
|
27
|
-
|
30
|
+
Object.stub_const(:FakeStore, fake_store_class) do
|
31
|
+
Rack::Attack.cache.store = FakeStore.new
|
28
32
|
|
29
|
-
|
30
|
-
|
33
|
+
raised_exception = assert_raises(Rack::Attack::MisconfiguredStoreError) do
|
34
|
+
get "/private-place"
|
35
|
+
end
|
31
36
|
end
|
32
37
|
|
33
|
-
assert_equal "
|
38
|
+
assert_equal "Configured store FakeStore doesn't respond to #read method", raised_exception.message
|
34
39
|
end
|
35
40
|
|
36
41
|
it "gives semantic error if store is missing #write method" do
|
37
|
-
|
42
|
+
raised_exception = nil
|
43
|
+
|
44
|
+
fake_store_class = Class.new do
|
38
45
|
def read(key)
|
39
46
|
end
|
40
47
|
|
@@ -42,17 +49,21 @@ describe "Cache store config when using fail2ban" do
|
|
42
49
|
end
|
43
50
|
end
|
44
51
|
|
45
|
-
|
52
|
+
Object.stub_const(:FakeStore, fake_store_class) do
|
53
|
+
Rack::Attack.cache.store = FakeStore.new
|
46
54
|
|
47
|
-
|
48
|
-
|
55
|
+
raised_exception = assert_raises(Rack::Attack::MisconfiguredStoreError) do
|
56
|
+
get "/private-place"
|
57
|
+
end
|
49
58
|
end
|
50
59
|
|
51
|
-
assert_equal "
|
60
|
+
assert_equal "Configured store FakeStore doesn't respond to #write method", raised_exception.message
|
52
61
|
end
|
53
62
|
|
54
63
|
it "gives semantic error if store is missing #increment method" do
|
55
|
-
|
64
|
+
raised_exception = nil
|
65
|
+
|
66
|
+
fake_store_class = Class.new do
|
56
67
|
def read(key)
|
57
68
|
end
|
58
69
|
|
@@ -60,17 +71,19 @@ describe "Cache store config when using fail2ban" do
|
|
60
71
|
end
|
61
72
|
end
|
62
73
|
|
63
|
-
|
74
|
+
Object.stub_const(:FakeStore, fake_store_class) do
|
75
|
+
Rack::Attack.cache.store = FakeStore.new
|
64
76
|
|
65
|
-
|
66
|
-
|
77
|
+
raised_exception = assert_raises(Rack::Attack::MisconfiguredStoreError) do
|
78
|
+
get "/private-place"
|
79
|
+
end
|
67
80
|
end
|
68
81
|
|
69
|
-
assert_equal "
|
82
|
+
assert_equal "Configured store FakeStore doesn't respond to #increment method", raised_exception.message
|
70
83
|
end
|
71
84
|
|
72
85
|
it "works with any object that responds to #read, #write and #increment" do
|
73
|
-
|
86
|
+
FakeStore = Class.new do
|
74
87
|
attr_accessor :backend
|
75
88
|
|
76
89
|
def initialize
|
@@ -91,7 +104,7 @@ describe "Cache store config when using fail2ban" do
|
|
91
104
|
end
|
92
105
|
end
|
93
106
|
|
94
|
-
Rack::Attack.cache.store =
|
107
|
+
Rack::Attack.cache.store = FakeStore.new
|
95
108
|
|
96
109
|
get "/"
|
97
110
|
assert_equal 200, last_response.status
|
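Review bot: The last example still assigns a real constant, `FakeStore = Class.new do` on new line 86, while the three examples above it in this file use `fake_store_class = Class.new do` together with `Object.stub_const(:FakeStore, fake_store_class) do`. The assigned constant stays defined after the example finishes, so it leaks into every spec that runs later in the same process and can hide a missing stub there. Use the same pattern here: `fake_store_class = Class.new do`, then wrap `Rack::Attack.cache.store = FakeStore.new` and the requests that follow in `Object.stub_const(:FakeStore, fake_store_class) do`. The example's body continues outside both hunks, so where the stub block should close is not shown.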
@@ -1,6 +1,6 @@
|
|
1
1
|
require_relative "../../spec_helper"
|
2
2
|
|
3
|
-
if defined?(::ConnectionPool) && defined?(::Redis) && defined?(::ActiveSupport::Cache::RedisCacheStore)
|
3
|
+
if defined?(::ConnectionPool) && defined?(::Redis) && Gem::Version.new(::Redis::VERSION) >= Gem::Version.new("4") && defined?(::ActiveSupport::Cache::RedisCacheStore)
|
4
4
|
require_relative "../../support/cache_store_helper"
|
5
5
|
require "timecop"
|
6
6
|
|
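Review bot: With the added `Gem::Version.new(::Redis::VERSION) >= Gem::Version.new("4")` condition on line 3, the whole file is skipped without any output when an older redis client is installed. The same guard appears in the next section, which looks like active_support_redis_cache_store_spec.rb. A run on such a setup reports green while the RedisCacheStore-backed throttling path has no coverage. Add a comment above the guard stating why redis 4 is required, and consider an `else` branch that prints a skip notice, e.g. `warn "Skipping RedisCacheStore specs: redis >= 4 not loaded"`. The body of the `if` runs past the end of the hunk.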
@@ -1,6 +1,6 @@
|
|
1
1
|
require_relative "../../spec_helper"
|
2
2
|
|
3
|
-
if defined?(::Redis) && defined?(::ActiveSupport::Cache::RedisCacheStore)
|
3
|
+
if defined?(::Redis) && Gem::Version.new(::Redis::VERSION) >= Gem::Version.new("4") && defined?(::ActiveSupport::Cache::RedisCacheStore)
|
4
4
|
require_relative "../../support/cache_store_helper"
|
5
5
|
require "timecop"
|
6
6
|
|
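--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-attack
 version: !ruby/object:Gem::Version
-version: 5.4.
+version: 5.4.2
 platform: ruby
 authors:
 - Aaron Suggs
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-
+date: 2018-10-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rack
@@ -276,7 +276,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
 summary: Block & throttle abusive requests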