rack-cloudflare 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6c8a5b0439022d396fd56721e79b97a96c4cf830b0e37c27a4a9f6f2db2f8bd0
-  data.tar.gz: d3866b5cfcce96211b25ae277b5e5280f3f38e0eb5f78d291c23d2a08cf84715
+  metadata.gz: 226fb49f7f04f287c5ad80d37f92547073049bc1d222054a082a09f2eb85d7e0
+  data.tar.gz: 2b196672e8bca43dfcd22f920ec69fc7250b71fced112aee3d01729c1b40976c
 SHA512:
-  metadata.gz: 8ea482f40489690a5f368f0e21a9aad7fbc59dc76517b351b635ff53064ac8a1339ecc4c3129047967d5bdbafa259aa11a4b79314ea52ebe78b63d3bf031e9f4
-  data.tar.gz: 40709bddc477ccd842dd50318827c4af50bbc7cf5a0b8ee58304e0e0d0d736b5fdd04b8b6f81692eb45f82b9a04492c4cb63001e6089490ab8e1cb8ee217b2a4
+  metadata.gz: a9c0b7967fa66302c86268e9f80d5e1eece2401b95e4ab0b6b1b91ab41070e4fed3ee554385fe6f5f34cdea8a5a809fa731ebaa6c0ce0ad114c8f2a020bdc285
+  data.tar.gz: 220c954ca1c7779bc811831168cfa15e44c72268917b3b8576eecc6b2794297c03a722a135fdb6710ae3e80d87a5f39d48fdbf46e1a729e4cf74a8a06ed3d212

data/.gitignore

@@ -10,4 +10,5 @@
 # rspec failure tracking
 .rspec_status
 
-Gemfile.lock
+Gemfile.lock
+*.gem

data/README.md

@@ -24,27 +24,31 @@ Or install it yourself as:
 
 You can block access to non-Cloudflare networks using `Rack::Cloudflare::Middleware::AccessControl`.
 
-    require 'rack/cloudflare'
+```ruby
+require 'rack/cloudflare'
 
-    # In config.ru
-    use Rack::Cloudflare::Middleware::AccessControl
+# In config.ru
+use Rack::Cloudflare::Middleware::AccessControl
 
-    # In Rails config/application.rb
-    config.middleware.use Rack::Cloudflare::Middleware::AccessControl
+# In Rails config/application.rb
+config.middleware.use Rack::Cloudflare::Middleware::AccessControl
 
-    # Configure custom blocked message (defaults to "Forbidden")
-    Rack::Cloudflare::Middleware::AccessControl.blocked_message = "You don't belong here..."
+# Configure custom blocked message (defaults to "Forbidden")
+Rack::Cloudflare::Middleware::AccessControl.blocked_message = "You don't belong here..."
 
-    # Fully customize the Rack response (such as making it a redirect)
-    Rack::Cloudflare::Middleware::AccessControl.blocked_response = lambda do |_env|
-      [301, { 'Location' => 'https://somewhere.else.xyz' }, ["Redirecting...\n"]]
-    end
+# Fully customize the Rack response (such as making it a redirect)
+Rack::Cloudflare::Middleware::AccessControl.blocked_response = lambda do |_env|
+    [301, { 'Location' => 'https://somewhere.else.xyz' }, ["Redirecting...\n"]]
+end
+```
 
 Alternatively, using [`Rack::Attack`](https://github.com/kickstarter/rack-attack) you can easily add a "safelist" rule.
 
-    Rack::Attack.safelist('Only allow requests through the Cloudflare network') do |request|
-      Rack::Cloudflare::Headers.trusted?(request.env)
-    end
+```ruby
+Rack::Attack.safelist('Only allow requests through the Cloudflare network') do |request|
+    Rack::Cloudflare::Headers.trusted?(request.env)
+end
+```
 
 Utilizing the `trusted?` helper method, you can implement a similar check using other middleware.
 
@@ -54,22 +58,26 @@ See _Toolkits: Detect Cloudflare Requests_ for alternative uses.
 
 You can set `REMOTE_ADDR` to the correct remote IP using `Rack::Cloudflare::Middleware::RewriteHeaders`.
 
-    require 'rack/cloudflare'
+```ruby
+require 'rack/cloudflare'
 
-    # In config.ru
-    use Rack::Cloudflare::Middleware::RewriteHeaders
+# In config.ru
+use Rack::Cloudflare::Middleware::RewriteHeaders
 
-    # In Rails config/application.rb
-    config.middleware.use Rack::Cloudflare::Middleware::RewriteHeaders
+# In Rails config/application.rb
+config.middleware.use Rack::Cloudflare::Middleware::RewriteHeaders
+```
 
 You can customize whether rewritten headers should be backed up and what names to use.
 
-    # Toggle header backups
-    Rack::Cloudflare::Headers.backup = false
+```ruby
+# Toggle header backups (default: true)
+Rack::Cloudflare::Headers.backup = false
 
-    # Rename backed up headers (defaults: "ORIGINAL_REMOTE_ADDR", "ORIGINAL_FORWARDED_FOR")
-    Rack::Cloudflare::Headers.original_remote_addr   = 'BACKUP_REMOTE_ADDR'
-    Rack::Cloudflare::Headers.original_forwarded_for = 'BACKUP_FORWARDED_FOR'
+# Rename backed up headers (defaults: "ORIGINAL_REMOTE_ADDR", "ORIGINAL_FORWARDED_FOR")
+Rack::Cloudflare::Headers.original_remote_addr   = 'BACKUP_REMOTE_ADDR'
+Rack::Cloudflare::Headers.original_forwarded_for = 'BACKUP_FORWARDED_FOR'
+```
 
 See _Toolkits: Rewrite Headers_ for alternative uses.
 
@@ -77,7 +85,9 @@ See _Toolkits: Rewrite Headers_ for alternative uses.
 
 You can enable logging to see what requests are blocked or headers are rewritten.
 
-    Rack::Cloudflare.logger = Logger.new(STDOUT)
+```ruby
+Rack::Cloudflare.logger = Logger.new(STDOUT)
+```
 
 Log levels used are INFO, DEBUG and WARN.
 
@@ -87,10 +97,12 @@ Log levels used are INFO, DEBUG and WARN.
 
 You can very easily check your HTTP headers to see if the request came from a Cloudflare network.
 
-    # Your headers are in a `Hash` format
-    # e.g. { 'REMOTE_ADDR' => '0.0.0.0', ... }
-    # Verifies the remote address
-    Rack::Cloudflare::Headers.trusted?(headers)
+```ruby
+# Your headers are in a `Hash` format
+# e.g. { 'REMOTE_ADDR' => '0.0.0.0', ... }
+# Verifies the remote address
+Rack::Cloudflare::Headers.trusted?(headers)
+```
 
 Note that we can only trust the `REMOTE_ADDR` header to verify a request came from Cloudflare.
 The `HTTP_X_FORWARDED_FOR` header can be modified and therefore not trusted.
@@ -102,17 +114,19 @@ Read this article, for example: [Anatomy of an Attack: How I Hacked StackOverflo
 
 We can easily rewrite `REMOTE_ADDR` and add `HTTP_X_FORWARDED_FOR` based on verifying the request comes from a Cloudflare network.
 
-    # Get a list of headers relevant to Cloudflare (unmodified)
-    headers = Rack::Cloudflare::Headers.new(headers).target_headers
+```ruby
+# Get a list of headers relevant to Cloudflare (unmodified)
+headers = Rack::Cloudflare::Headers.new(headers).target_headers
 
-    # Get a list of headers that will be rewritten (modified)
-    headers = Rack::Cloudflare::Headers.new(headers).rewritten_headers
+# Get a list of headers that will be rewritten (modified)
+headers = Rack::Cloudflare::Headers.new(headers).rewritten_headers
 
-    # Get a list of headers relevant to Cloudflare with rewritten values
-    headers = Rack::Cloudflare::Headers.new(headers).rewritten_target_headers
+# Get a list of headers relevant to Cloudflare with rewritten values
+headers = Rack::Cloudflare::Headers.new(headers).rewritten_target_headers
 
-    # Update original headers with rewritten ones
-    headers = Rack::Cloudflare::Headers.new(headers).rewrite
+# Update original headers with rewritten ones
+headers = Rack::Cloudflare::Headers.new(headers).rewrite
+```
 
 ### Up-to-date Cloudflare IP addresses
 
@@ -120,17 +134,21 @@ Cloudflare provides a [list of IP addresses](https://www.cloudflare.com/ips/) th
 
 A copy of the IPs are kept in [/data](./data/). The list is converted to a `IPAddr` list and is accessible as:
 
-    # Configurable list of IPs
-    # Defaults to Rack::Cloudflare::IPs::DEFAULTS
-    Rack::Cloudflare::IPs.list
+```ruby
+# Configurable list of IPs
+# Defaults to Rack::Cloudflare::IPs::DEFAULTS
+Rack::Cloudflare::IPs.list
+```
 
 The list can be updated to Cloudflare's latest published IP lists in-memory:
 
-    # Fetches Rack::Cloudflare::IPs::V4_URL and Rack::Cloudflare::IPs::V6_URL
-    Rack::Cloudflare::IPs.refresh!
+```ruby
+# Fetches Rack::Cloudflare::IPs::V4_URL and Rack::Cloudflare::IPs::V6_URL
+Rack::Cloudflare::IPs.refresh!
 
-    # Updates cached list in-memory
-    Rack::Cloudflare::IPs.list
+# Updates cached list in-memory
+Rack::Cloudflare::IPs.list
+```
 
 ## Credits
 

data/Rakefile

@@ -14,7 +14,7 @@ RubyCritic::RakeTask.new do |task|
   # task.name    = 'something_special'
 
   # # Glob pattern to match source files. Defaults to FileList['.'].
-  task.paths = FileList['apps/**/*.rb', 'lib/**/*.rb']
+  task.paths = FileList['lib/**/*.rb']
 
   # # You can pass all the options here in that are shown by "rubycritic -h" except for
   # # "-p / --path" since that is set separately. Defaults to ''.

data/lib/rack/cloudflare/headers.rb

@@ -69,7 +69,7 @@ module Rack
       # "Cf-Visitor: { \"scheme\":\"https\"}"
       def visitor
         return unless has?(HTTP_CF_VISITOR)
-        JSON.parse @headers[HTTP_CF_VISITOR]
+        ::JSON.parse @headers[HTTP_CF_VISITOR]
       end
 
       def remote_addr

data/lib/rack/cloudflare/ips.rb

@@ -20,16 +20,16 @@ module Rack
         end
 
         def fetch(url)
-          parse Net::HTTP.get(URI(url))
+          parse ::Net::HTTP.get(URI(url))
         end
 
         def read(filename)
-          parse File.read(filename)
+          parse ::File.read(filename)
         end
 
         def parse(string)
           return [] if string.to_s.strip.empty?
-          string.split(/[,\s]+/).map { |ip| IPAddr.new(ip.strip) }
+          string.split(/[,\s]+/).map { |ip| ::IPAddr.new(ip.strip) }
         end
       end
 

data/lib/rack/cloudflare/version.rb

@@ -2,6 +2,6 @@
 
 module Rack
   class Cloudflare
-    VERSION = '1.0.0'
+    VERSION = '1.0.1'
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rack-cloudflare
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Joel Van Horn
@@ -105,7 +105,6 @@ files:
 - lib/rack/cloudflare/middleware/access_control.rb
 - lib/rack/cloudflare/middleware/rewrite_headers.rb
 - lib/rack/cloudflare/version.rb
-- rack-cloudflare-0.1.0.gem
 - rack-cloudflare.gemspec
 homepage: https://github.com/joelvh/rack-cloudflare
 licenses: []