rack-shield 1.1.0 → 1.1.2

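--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 91381e561f753758f33de1f296eaf6df921d131d8780ec5d3ca6d21a1cabc022
- data.tar.gz: 737b223d0e6990ad9447f8f82b725d4a0e7bdfed9dc53d59085d78363c9d2e8b
+ metadata.gz: c750d4385a2c39170a389f8b5a2aca1e4b967abb97cbdcd2fb142fd470d8df8c
+ data.tar.gz: ea2b3f0519e5e38f742e1aa093366451082852ae6b57e29209d5c327c1298a84
  SHA512:
- metadata.gz: 31d9e273c7837fa8e6626247b1cc361e5f4138cf3061cc0c8fc605b717e962e48272d17b00ab3afd36374710422e4bb340322562835522c66ee7103c938b9870
- data.tar.gz: cfe65f88d463b9874d3e7b01045171c909fa74bede02f98b79bf5f57a32b3b648e43ee82d7c897b817ee11b95ffa6742c6e55a2663acc31809cf6f3d147449d0
+ metadata.gz: 28d31dba76eda79a987bc8139ce7f1fa22cc0347ea5bd2dda52e79064e040bd0569e14c7c642d37421e25dd390410198ddb51ca2ce26d54e3e0842c828c9f2cb
+ data.tar.gz: 7b1d80c74cbbe6d07e2127f967fc7373dccc7f1258b9c4050311442b378ba9a47aedc7fafdf0342554c3d72d1353fd381d20277b93d17d99e640fc70d9d63daa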
@@ -2,7 +2,11 @@ module Rack
2
2
  module Shield
3
3
  module RequestExt
4
4
  def raw_post_data
5
- env['RAW_POST_DATA']
5
+ if body
6
+ data = body.read
7
+ body.rewind
8
+ data
9
+ end
6
10
  end
7
11
  end
8
12
  end
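Review bot: The new `raw_post_data` reads from wherever the input stream currently stands and without any size cap, so a body already consumed upstream is seen as empty or partial, and a large upload is copied into memory in full on every call. Rewinding before the read and bounding it would cover both, e.g. `body.rewind if body.respond_to?(:rewind)` ahead of `data = body.read(MAX_INSPECT_BYTES)` (a constructed constant name, not one from this gem; note that a length-limited read returns nil rather than an empty string at end of input). The unconditional `body.rewind` after the read assumes a rewindable input, which Rack 3 no longer guarantees; on a non-rewindable stream the read would also consume the body for the downstream app, so that case needs explicit handling. The method now returns nil when there is no body, and a short comment stating that and why the stream is rewound would help callers outside this hunk.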
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module Shield
3
- VERSION = '1.1.0'
3
+ VERSION = '1.1.2'
4
4
  end
5
5
  end
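--- a/data/lib/rack/shield.rb
+++ b/data/lib/rack/shield.rb
@@ -1,4 +1,5 @@
  require 'pathname'
+ require 'stringio'
  require 'rack/attack'
  require_relative 'shield/version'
  require_relative 'shield/responder'
@@ -7,7 +8,7 @@ require_relative 'shield/request_ext'
  module Rack
  module Shield
  DEFAULT_PATHS = [/\/wp-(includes|content|admin|json|config)/,
- /\.(php|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|py|lasso|e?rb|pl|jsp|do|action|sh)\z/i,
+ /\.(php|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|py|lasso|e?rb|pl|jsp|do|action|sh|dll)\z/i,
  'cgi-bin',
  'phpmyadmin',
  '/pma/',
@@ -41,12 +42,18 @@ module Rack
  'deployment-config.json',
  'ftpsync.settings',
  '/_profiler/latest',
- '/_ignition/execute-solution',
+ '/_ignition/',
  '/_wpeprivate/',
  '/Config/SaveUploadedHotspotLogoFile',
  'ALFA_DATA',
  'cgialfa',
  'alfacgiapi',
+ '/+CSCOT+/',
+ '/api/v2/cmdb/system',
+ 'com.vmware.vsan.client.services',
+ '/aspnet-ajax/',
+ '/Portal.mwsl',
+ '/adminer',
  /\A\/"/,
  /\/\.(hg|git|svn|bzr|htaccess|ftpconfig|vscode|remote-sync|aws|env|DS_Store)/,
  /\/old\/?\z/,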
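Review bot: The six entries added to `DEFAULT_PATHS` in the last hunk carry no comment saying which product or probe each one stands for, which turns later false-positive triage and pruning into guesswork. A trailing comment per entry would do, e.g. `'/+CSCOT+/', # Cisco ASA WebVPN portal`, `'/api/v2/cmdb/system', # FortiOS REST API`, `'/adminer', # Adminer database UI`. In the same hunk `'/_ignition/execute-solution'` is widened to `'/_ignition/'`; how plain strings are matched is outside this section, but if it is a substring test the wider entry and `'/adminer'` will also block any legitimate route containing them, which deserves a changelog line. The `require 'stringio'` added in the first hunk has no visible use in this section, so confirm it is needed by code outside the shown lines.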
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-shield
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matthias Grosser
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-19 00:00:00.000000000 Z
11
+ date: 2023-01-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack-attack