rack-shield 1.2.2 → 1.2.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/rack/shield/version.rb +1 -1
- data/lib/rack/shield.rb +23 -3
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4af714e5e9f99087a7d9376a6824428112009e44108e80b384394d46f5e1c4bb
|
|
4
|
+
data.tar.gz: 11d2187927845f57118132650ee3b841932396a5d88db64eb3034a52a1b12f59
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3f27f1100223082d87ecc61fe26d0e302bd86701e946834052e9c5d407b2aad8211dd27d8d0e625bc4d7f8aa489ff4e06a5dfa7c4ce3e7b472a8d4e1f2861a00
|
|
7
|
+
data.tar.gz: e1fe4c1f9abe6488639616ab1c21408297dde642656973e2a45c7c585715857d5b081e5c558a71f7fddb578e58a4ed0a9d018fdb7a4dd2d2ff73d26b48dc29b9
|
data/lib/rack/shield/version.rb
CHANGED
data/lib/rack/shield.rb
CHANGED
|
@@ -8,7 +8,7 @@ require_relative 'shield/request_ext'
|
|
|
8
8
|
module Rack
|
|
9
9
|
module Shield
|
|
10
10
|
DEFAULT_PATHS = [/\/wp-(includes|content|admin|json|config)/,
|
|
11
|
-
/\.(php\d?|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|cmd|py|lasso|e?rb|pl|jsp|do|action|sh|dll|lsp)\z/i,
|
|
11
|
+
/\.(php\d?|cgi|asp|aspx|env|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|cmd|py|lasso|e?rb|pl|jsp|do|action|sh|dll|lsp|ehp)\z/i,
|
|
12
12
|
'cgi-bin',
|
|
13
13
|
'phpmyadmin',
|
|
14
14
|
'/pma/',
|
|
@@ -72,10 +72,25 @@ module Rack
|
|
|
72
72
|
'/UploadServlet',
|
|
73
73
|
'/meta-data/identity-credentials/',
|
|
74
74
|
'/SDK/webLanguage',
|
|
75
|
+
'/seeyon/htmlofficeservlet',
|
|
76
|
+
'/jmx-console',
|
|
77
|
+
'/nginx.conf',
|
|
78
|
+
'/WEB-INF/',
|
|
79
|
+
'/VisionHubWebApi/',
|
|
80
|
+
'/groovyconsole',
|
|
81
|
+
'/SaveUploadedHotspotLogoFile',
|
|
82
|
+
'/downloadMainLog',
|
|
83
|
+
'/aspera/faspex',
|
|
84
|
+
'/actuator/health',
|
|
85
|
+
'/SiteLoader',
|
|
86
|
+
'/mPlayer',
|
|
87
|
+
'/Portal0000.htm',
|
|
88
|
+
'/rest/applinks/',
|
|
89
|
+
'/nice%20ports',
|
|
90
|
+
'/remote/logincheck',
|
|
75
91
|
/\A\/"/,
|
|
76
92
|
/\/\.(hg|git|svn|bzr|htaccess|ftpconfig|vscode|remote-sync|aws|env|DS_Store)/,
|
|
77
93
|
/\/old\/?\z/,
|
|
78
|
-
/\/\.env\z/,
|
|
79
94
|
/\A\/old-wp/,
|
|
80
95
|
/\A\/(wordpress|wp)(\/|\z)/,
|
|
81
96
|
/Open-Xchange/i]
|
|
@@ -97,7 +112,12 @@ module Rack
|
|
|
97
112
|
'HelloThinkCMF',
|
|
98
113
|
'XDEBUG_SESSION_START']
|
|
99
114
|
|
|
100
|
-
DEFAULT_BODIES = ['OKMLlKlV'
|
|
115
|
+
DEFAULT_BODIES = ['OKMLlKlV',
|
|
116
|
+
'DBMS_PIPE.RECEIVE_MESSAGE',
|
|
117
|
+
/WAITFOR DELAY/i,
|
|
118
|
+
/FROM PG_SLEEP/i,
|
|
119
|
+
/CHR\(\d+\)/i,
|
|
120
|
+
/UNION.+SELECT/i]
|
|
101
121
|
|
|
102
122
|
class << self
|
|
103
123
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-shield
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matthias Grosser
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-07-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack-attack
|
|
@@ -44,7 +44,7 @@ homepage: https://github.com/mtgrosser/rack-shield
|
|
|
44
44
|
licenses:
|
|
45
45
|
- MIT
|
|
46
46
|
metadata: {}
|
|
47
|
-
post_install_message:
|
|
47
|
+
post_install_message:
|
|
48
48
|
rdoc_options: []
|
|
49
49
|
require_paths:
|
|
50
50
|
- lib
|
|
@@ -59,8 +59,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
60
|
version: '0'
|
|
61
61
|
requirements: []
|
|
62
|
-
rubygems_version: 3.
|
|
63
|
-
signing_key:
|
|
62
|
+
rubygems_version: 3.5.9
|
|
63
|
+
signing_key:
|
|
64
64
|
specification_version: 4
|
|
65
65
|
summary: Block and unblock evil requests
|
|
66
66
|
test_files: []
|