rack-bouncer 1.4.0 → 1.4.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +2 -4
- data/lib/rack/bouncer.rb +12 -9
- data/test/lib/rack/bouncer_test.rb +8 -30
- metadata +3 -3
data/README.md
CHANGED
|
@@ -29,7 +29,7 @@ You can redirect users to a URL as well:
|
|
|
29
29
|
|
|
30
30
|
You can specify a minimum version of Chrome like so:
|
|
31
31
|
|
|
32
|
-
use Rack::Bouncer, :
|
|
32
|
+
use Rack::Bouncer, :minimum_chrome => 6.0
|
|
33
33
|
|
|
34
34
|
You can specify a minimum version of Firefox like so:
|
|
35
35
|
|
|
@@ -45,9 +45,7 @@ You can specify a minimum version of Safari like so:
|
|
|
45
45
|
|
|
46
46
|
You can specify a set of safe paths:
|
|
47
47
|
|
|
48
|
-
use Rack::Bouncer, :safe_paths => ["/
|
|
49
|
-
|
|
50
|
-
*NOTE:* By default, the above paths are safe already.
|
|
48
|
+
use Rack::Bouncer, :safe_paths => ["/assets", "/feedback.html"]
|
|
51
49
|
|
|
52
50
|
## warning
|
|
53
51
|
|
data/lib/rack/bouncer.rb
CHANGED
|
@@ -2,10 +2,10 @@
|
|
|
2
2
|
|
|
3
3
|
module Rack
|
|
4
4
|
class Bouncer
|
|
5
|
-
VERSION = "1.4.
|
|
5
|
+
VERSION = "1.4.1"
|
|
6
6
|
|
|
7
7
|
DEFAULT_OPTIONS = {
|
|
8
|
-
:safe_paths => [
|
|
8
|
+
:safe_paths => [],
|
|
9
9
|
:redirect => "http://browsehappy.com/",
|
|
10
10
|
:minimum_chrome => 7.0,
|
|
11
11
|
:minimum_firefox => 4.0,
|
|
@@ -19,10 +19,11 @@ module Rack
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def call(env)
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
path_info = env["PATH_INFO"]
|
|
24
23
|
user_agent = env["HTTP_USER_AGENT"]
|
|
25
24
|
|
|
25
|
+
return @app.call(env) if safe_path?(path_info) || user_agent_blank?(user_agent)
|
|
26
|
+
|
|
26
27
|
return expel if undesirable_ie?(user_agent) ||
|
|
27
28
|
undesirable_aol?(user_agent) ||
|
|
28
29
|
undesirable_firefox?(user_agent) ||
|
|
@@ -34,13 +35,15 @@ module Rack
|
|
|
34
35
|
|
|
35
36
|
private
|
|
36
37
|
|
|
37
|
-
def safe_path?(
|
|
38
|
-
return true if @options[:redirect]
|
|
39
|
-
|
|
38
|
+
def safe_path?(path_info)
|
|
39
|
+
return true if path_info == @options[:redirect]
|
|
40
|
+
|
|
41
|
+
return false if @options[:safe_paths].empty?
|
|
42
|
+
return path_info =~ Regexp.new("^(#{@options[:safe_paths].join("|")})")
|
|
40
43
|
end
|
|
41
44
|
|
|
42
|
-
def user_agent_blank?(
|
|
43
|
-
|
|
45
|
+
def user_agent_blank?(user_agent)
|
|
46
|
+
user_agent.nil? || user_agent.empty?
|
|
44
47
|
end
|
|
45
48
|
|
|
46
49
|
def expel
|
|
@@ -3,15 +3,14 @@ require "test_helper"
|
|
|
3
3
|
|
|
4
4
|
class Rack::BouncerTest < MiniTest::Unit::TestCase
|
|
5
5
|
def test_version
|
|
6
|
-
assert_equal "1.4.
|
|
6
|
+
assert_equal "1.4.1", Rack::Bouncer::VERSION
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
# Default Options
|
|
10
10
|
#################################################################################################
|
|
11
11
|
|
|
12
12
|
def test_default_safe_paths
|
|
13
|
-
|
|
14
|
-
assert_equal expected, Rack::Bouncer::DEFAULT_OPTIONS[:safe_paths]
|
|
13
|
+
assert_equal [], Rack::Bouncer::DEFAULT_OPTIONS[:safe_paths]
|
|
15
14
|
end
|
|
16
15
|
|
|
17
16
|
def test_default_redirect
|
|
@@ -93,37 +92,16 @@ class Rack::BouncerTest < MiniTest::Unit::TestCase
|
|
|
93
92
|
assert_equal response.location, "/browser"
|
|
94
93
|
end
|
|
95
94
|
|
|
96
|
-
def
|
|
97
|
-
request = create_request
|
|
98
|
-
response = request.get("/
|
|
95
|
+
def test_allows_given_1_safe_path
|
|
96
|
+
request = create_request(:safe_paths => ["/assets"])
|
|
97
|
+
response = request.get("/assets", "HTTP_USER_AGENT" => USER_AGENTS[:ie_6_0])
|
|
99
98
|
assert_equal 200, response.status
|
|
100
99
|
assert_equal "Hi Internets!", response.body
|
|
101
100
|
end
|
|
102
101
|
|
|
103
|
-
def
|
|
104
|
-
request = create_request
|
|
105
|
-
response = request.get("/
|
|
106
|
-
assert_equal 200, response.status
|
|
107
|
-
assert_equal "Hi Internets!", response.body
|
|
108
|
-
end
|
|
109
|
-
|
|
110
|
-
def test_allows_stylesheets_path
|
|
111
|
-
request = create_request
|
|
112
|
-
response = request.get("/stylesheets", "HTTP_USER_AGENT" => USER_AGENTS[:ie_6_0])
|
|
113
|
-
assert_equal 200, response.status
|
|
114
|
-
assert_equal "Hi Internets!", response.body
|
|
115
|
-
end
|
|
116
|
-
|
|
117
|
-
def test_allows_javascripts_path
|
|
118
|
-
request = create_request
|
|
119
|
-
response = request.get("/javascripts", "HTTP_USER_AGENT" => USER_AGENTS[:ie_6_0])
|
|
120
|
-
assert_equal 200, response.status
|
|
121
|
-
assert_equal "Hi Internets!", response.body
|
|
122
|
-
end
|
|
123
|
-
|
|
124
|
-
def test_allows_feedback_path
|
|
125
|
-
request = create_request
|
|
126
|
-
response = request.get("/feedback", "HTTP_USER_AGENT" => USER_AGENTS[:ie_6_0])
|
|
102
|
+
def test_allows_given_2_safe_paths
|
|
103
|
+
request = create_request(:safe_paths => ["/assets", "/feedback.html"])
|
|
104
|
+
response = request.get("/feedback.html", "HTTP_USER_AGENT" => USER_AGENTS[:ie_6_0])
|
|
127
105
|
assert_equal 200, response.status
|
|
128
106
|
assert_equal "Hi Internets!", response.body
|
|
129
107
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-bouncer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 5
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 1
|
|
8
8
|
- 4
|
|
9
|
-
-
|
|
10
|
-
version: 1.4.
|
|
9
|
+
- 1
|
|
10
|
+
version: 1.4.1
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Julio Cesar Ody
|