rack-honeypot 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/rack/honeypot.rb +14 -18
- metadata +60 -65
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 9defef64da60028a57eda5488cb1e83e12df5896
|
|
4
|
+
data.tar.gz: 437f5905aca4560ad753129d8de2a76bc3c77777
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 76489ae68d934c1aa7d8c5e12321255c3457210ee4acf86dacb52719e2c88d99570e8504e26236b6213bb6265e40973a1684255c39c26b3095c97809106964cf
|
|
7
|
+
data.tar.gz: d081780ac96b3a32ba3344fd5344c8d993752f68f902b988b7ca44db168d14b3c2a9285fea7771bffc7c08a4b389a0825c4ce533461d782508c93a41d113c54d
|
data/lib/rack/honeypot.rb
CHANGED
|
@@ -22,19 +22,25 @@ module Rack
|
|
|
22
22
|
@logger.warn("[Rack::Honeypot] Spam bot detected; responded with null") unless @logger.nil?
|
|
23
23
|
null_response
|
|
24
24
|
else
|
|
25
|
-
status, headers,
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
25
|
+
@status, @headers, @response = @app.call(env)
|
|
26
|
+
if @headers["Content-Type"] and @headers["Content-Type"].include?("text/html") and (@always_enabled || honeypot_header_present?(@headers))
|
|
27
|
+
body = insert_honeypot(response_body(@response))
|
|
28
|
+
@headers.merge("Content-Length" => body.length.to_s)
|
|
29
|
+
[@status, @headers, [body]]
|
|
30
|
+
else
|
|
31
|
+
[@status, @headers, @response]
|
|
30
32
|
end
|
|
31
|
-
|
|
32
|
-
[status, headers, body]
|
|
33
33
|
end
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
private
|
|
37
37
|
|
|
38
|
+
def response_body(response)
|
|
39
|
+
body = response.respond_to?(:body) ? response.body : response
|
|
40
|
+
body = body.inject("") { |i, a| i << a } if body.respond_to?(:each)
|
|
41
|
+
body.to_s
|
|
42
|
+
end
|
|
43
|
+
|
|
38
44
|
def spambot_submission?(form_hash)
|
|
39
45
|
form_hash && form_hash[@input_name] && form_hash[@input_name] != @input_value
|
|
40
46
|
end
|
|
@@ -43,26 +49,16 @@ module Rack
|
|
|
43
49
|
header = headers.delete(HONEYPOT_HEADER)
|
|
44
50
|
header && header.index("enabled")
|
|
45
51
|
end
|
|
46
|
-
|
|
52
|
+
|
|
47
53
|
def null_response
|
|
48
54
|
[200, {'Content-Type' => 'text/html', "Content-Length" => "0"}, []]
|
|
49
55
|
end
|
|
50
|
-
|
|
51
|
-
def response_body(response)
|
|
52
|
-
body = ""
|
|
53
|
-
|
|
54
|
-
# The body may not be an array, so we need to call #each here.
|
|
55
|
-
response.each {|part| body << part }
|
|
56
56
|
|
|
57
|
-
body
|
|
58
|
-
end
|
|
59
|
-
|
|
60
57
|
def response_headers(headers, body)
|
|
61
58
|
headers.merge("Content-Length" => body.length.to_s)
|
|
62
59
|
end
|
|
63
60
|
|
|
64
61
|
def insert_honeypot(body)
|
|
65
|
-
body = response_body(body)
|
|
66
62
|
body.gsub!(/<\/head>/, css + "\n</head>")
|
|
67
63
|
body.gsub!(/<form(.*)>/, '<form\1>' + "\n" + div)
|
|
68
64
|
body
|
metadata
CHANGED
|
@@ -1,100 +1,95 @@
|
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-honeypot
|
|
3
|
-
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
5
|
-
prerelease:
|
|
6
|
-
segments:
|
|
7
|
-
- 0
|
|
8
|
-
- 1
|
|
9
|
-
- 2
|
|
10
|
-
version: 0.1.2
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.1.3
|
|
11
5
|
platform: ruby
|
|
12
|
-
authors:
|
|
6
|
+
authors:
|
|
13
7
|
- Luigi Montanez
|
|
14
8
|
- Luc Castera
|
|
15
9
|
- Daniel Schierbeck
|
|
16
10
|
autorequire:
|
|
17
11
|
bindir: bin
|
|
18
12
|
cert_chain: []
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
- !ruby/object:Gem::Dependency
|
|
13
|
+
date: 2016-01-26 00:00:00.000000000 Z
|
|
14
|
+
dependencies:
|
|
15
|
+
- !ruby/object:Gem::Dependency
|
|
23
16
|
name: unindentable
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
- - "="
|
|
29
|
-
- !ruby/object:Gem::Version
|
|
30
|
-
hash: 23
|
|
31
|
-
segments:
|
|
32
|
-
- 0
|
|
33
|
-
- 0
|
|
34
|
-
- 4
|
|
17
|
+
requirement: !ruby/object:Gem::Requirement
|
|
18
|
+
requirements:
|
|
19
|
+
- - '='
|
|
20
|
+
- !ruby/object:Gem::Version
|
|
35
21
|
version: 0.0.4
|
|
36
22
|
type: :runtime
|
|
37
|
-
version_requirements: *id001
|
|
38
|
-
- !ruby/object:Gem::Dependency
|
|
39
|
-
name: rack
|
|
40
23
|
prerelease: false
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
25
|
+
requirements:
|
|
26
|
+
- - '='
|
|
27
|
+
- !ruby/object:Gem::Version
|
|
28
|
+
version: 0.0.4
|
|
29
|
+
- !ruby/object:Gem::Dependency
|
|
30
|
+
name: rack
|
|
31
|
+
requirement: !ruby/object:Gem::Requirement
|
|
32
|
+
requirements:
|
|
44
33
|
- - ">="
|
|
45
|
-
- !ruby/object:Gem::Version
|
|
46
|
-
|
|
47
|
-
segments:
|
|
48
|
-
- 0
|
|
49
|
-
version: "0"
|
|
34
|
+
- !ruby/object:Gem::Version
|
|
35
|
+
version: '0'
|
|
50
36
|
type: :runtime
|
|
51
|
-
|
|
52
|
-
|
|
37
|
+
prerelease: false
|
|
38
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
39
|
+
requirements:
|
|
40
|
+
- - ">="
|
|
41
|
+
- !ruby/object:Gem::Version
|
|
42
|
+
version: '0'
|
|
43
|
+
- !ruby/object:Gem::Dependency
|
|
44
|
+
name: rack-test
|
|
45
|
+
requirement: !ruby/object:Gem::Requirement
|
|
46
|
+
requirements:
|
|
47
|
+
- - ">="
|
|
48
|
+
- !ruby/object:Gem::Version
|
|
49
|
+
version: '0'
|
|
50
|
+
type: :development
|
|
51
|
+
prerelease: false
|
|
52
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
53
|
+
requirements:
|
|
54
|
+
- - ">="
|
|
55
|
+
- !ruby/object:Gem::Version
|
|
56
|
+
version: '0'
|
|
57
|
+
description: This middleware acts as a spam trap. It inserts, into every outputted
|
|
58
|
+
<form>, a text field that a spambot will really want to fill in, but is actually
|
|
59
|
+
not used by the app. The field is hidden to humans via CSS, and includes a warning
|
|
60
|
+
label for screenreading software.
|
|
53
61
|
email: luigi.montanez@gmail.com
|
|
54
62
|
executables: []
|
|
55
|
-
|
|
56
63
|
extensions: []
|
|
57
|
-
|
|
58
|
-
extra_rdoc_files:
|
|
64
|
+
extra_rdoc_files:
|
|
59
65
|
- LICENSE.md
|
|
60
66
|
- README.md
|
|
61
|
-
files:
|
|
67
|
+
files:
|
|
62
68
|
- LICENSE.md
|
|
63
69
|
- README.md
|
|
64
70
|
- VERSION
|
|
65
71
|
- lib/rack/honeypot.rb
|
|
66
72
|
homepage: http://github.com/sunlightlabs/rack-honeypot
|
|
67
73
|
licenses: []
|
|
68
|
-
|
|
74
|
+
metadata: {}
|
|
69
75
|
post_install_message:
|
|
70
76
|
rdoc_options: []
|
|
71
|
-
|
|
72
|
-
require_paths:
|
|
77
|
+
require_paths:
|
|
73
78
|
- lib
|
|
74
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
|
75
|
-
|
|
76
|
-
requirements:
|
|
79
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
77
81
|
- - ">="
|
|
78
|
-
- !ruby/object:Gem::Version
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
version: "0"
|
|
83
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
84
|
-
none: false
|
|
85
|
-
requirements:
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: '0'
|
|
84
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
85
|
+
requirements:
|
|
86
86
|
- - ">="
|
|
87
|
-
- !ruby/object:Gem::Version
|
|
88
|
-
|
|
89
|
-
segments:
|
|
90
|
-
- 0
|
|
91
|
-
version: "0"
|
|
87
|
+
- !ruby/object:Gem::Version
|
|
88
|
+
version: '0'
|
|
92
89
|
requirements: []
|
|
93
|
-
|
|
94
90
|
rubyforge_project:
|
|
95
|
-
rubygems_version:
|
|
91
|
+
rubygems_version: 2.2.2
|
|
96
92
|
signing_key:
|
|
97
|
-
specification_version:
|
|
93
|
+
specification_version: 4
|
|
98
94
|
summary: Middleware that functions as a spambot trap.
|
|
99
95
|
test_files: []
|
|
100
|
-
|