RubyGems - rack-shield - Versions diffs - 1.1.0 → 1.1.2 - Mend

rack-shield 1.1.0 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/rack/shield/request_ext.rb +5 -1
data/lib/rack/shield/version.rb +1 -1
data/lib/rack/shield.rb +9 -2
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 91381e561f753758f33de1f296eaf6df921d131d8780ec5d3ca6d21a1cabc022
-  data.tar.gz: 737b223d0e6990ad9447f8f82b725d4a0e7bdfed9dc53d59085d78363c9d2e8b
+  metadata.gz: c750d4385a2c39170a389f8b5a2aca1e4b967abb97cbdcd2fb142fd470d8df8c
+  data.tar.gz: ea2b3f0519e5e38f742e1aa093366451082852ae6b57e29209d5c327c1298a84
 SHA512:
-  metadata.gz: 31d9e273c7837fa8e6626247b1cc361e5f4138cf3061cc0c8fc605b717e962e48272d17b00ab3afd36374710422e4bb340322562835522c66ee7103c938b9870
-  data.tar.gz: cfe65f88d463b9874d3e7b01045171c909fa74bede02f98b79bf5f57a32b3b648e43ee82d7c897b817ee11b95ffa6742c6e55a2663acc31809cf6f3d147449d0
+  metadata.gz: 28d31dba76eda79a987bc8139ce7f1fa22cc0347ea5bd2dda52e79064e040bd0569e14c7c642d37421e25dd390410198ddb51ca2ce26d54e3e0842c828c9f2cb
+  data.tar.gz: 7b1d80c74cbbe6d07e2127f967fc7373dccc7f1258b9c4050311442b378ba9a47aedc7fafdf0342554c3d72d1353fd381d20277b93d17d99e640fc70d9d63daa

data/lib/rack/shield/request_ext.rb CHANGED Viewed

@@ -2,7 +2,11 @@ module Rack
   module Shield
     module RequestExt
       def raw_post_data
-        env['RAW_POST_DATA']
+        if body
+          data = body.read
+          body.rewind
+          data
+        end
       end
     end
   end

data/lib/rack/shield/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Rack
   module Shield
-    VERSION = '1.1.0'
+    VERSION = '1.1.2'
   end
 end

data/lib/rack/shield.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require 'pathname'
+require 'stringio'
 require 'rack/attack'
 require_relative 'shield/version'
 require_relative 'shield/responder'
@@ -7,7 +8,7 @@ require_relative 'shield/request_ext'
 module Rack
   module Shield
     DEFAULT_PATHS = [/\/wp-(includes|content|admin|json|config)/,
-                     /\.(php|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|py|lasso|e?rb|pl|jsp|do|action|sh)\z/i,
+                     /\.(php|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|py|lasso|e?rb|pl|jsp|do|action|sh|dll)\z/i,
                     'cgi-bin',
                     'phpmyadmin',
                     '/pma/',
@@ -41,12 +42,18 @@ module Rack
                     'deployment-config.json',
                     'ftpsync.settings',
                     '/_profiler/latest',
-                    '/_ignition/execute-solution',
+                    '/_ignition/',
                     '/_wpeprivate/',
                     '/Config/SaveUploadedHotspotLogoFile',
                     'ALFA_DATA',
                     'cgialfa',
                     'alfacgiapi',
+                    '/+CSCOT+/',
+                    '/api/v2/cmdb/system',
+                    'com.vmware.vsan.client.services',
+                    '/aspnet-ajax/',
+                    '/Portal.mwsl',
+                    '/adminer',
                     /\A\/"/,
                     /\/\.(hg|git|svn|bzr|htaccess|ftpconfig|vscode|remote-sync|aws|env|DS_Store)/,
                     /\/old\/?\z/,

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-shield
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.2
 platform: ruby
 authors:
 - Matthias Grosser
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-19 00:00:00.000000000 Z
+date: 2023-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack-attack