rack_strip_client_ip 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --color
2
+ --format progress
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in rack_strip_client_ip.gemspec
4
+ gemspec
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Alex Tomlins
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,38 @@
1
+ # RackStripClientIp
2
+
3
+ Rack middleware to strip the Client-Ip HTTP header. This is intended to prevent a spoofed Client-Ip header from triggering an IpSpoofAttackError exception.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ gem 'rack_strip_client_ip'
10
+
11
+ And then execute:
12
+
13
+ $ bundle
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install rack_strip_client_ip
18
+
19
+ ## Usage
20
+
21
+ ### Rails
22
+
23
+ Add the gem to the Gemfile as above, and it will automatically add itself to the middleware stack.
24
+
25
+ ### Other rack applications
26
+
27
+ Add the gem to the Gemfile, and add it to the middleware stack. e.g.
28
+
29
+ use RackStripClientIp
30
+
31
+
32
+ ## Contributing
33
+
34
+ 1. Fork it
35
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
36
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
37
+ 4. Push to the branch (`git push origin my-new-feature`)
38
+ 5. Create new Pull Request
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+
3
+ require "rspec/core/rake_task"
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
@@ -0,0 +1,3 @@
1
+ require "rack_strip_client_ip/version"
2
+ require "rack_strip_client_ip/middleware"
3
+ require "rack_strip_client_ip/railtie" if defined? Rails
@@ -0,0 +1,17 @@
1
+ module RackStripClientIp
2
+ class Middleware
3
+ def initialize(app)
4
+ @app = app
5
+ end
6
+
7
+ def call(env)
8
+ @app.call(strip_client_ip_header(env))
9
+ end
10
+
11
+ private
12
+
13
+ def strip_client_ip_header(env)
14
+ env.reject {|key, _| key.upcase == "HTTP_CLIENT_IP" }
15
+ end
16
+ end
17
+ end
@@ -0,0 +1,7 @@
1
+ module RackStripClientIp
2
+ class Railtie < Rails::Railtie
3
+ initializer "rack_strip_client_ip.insert_middleware" do |app|
4
+ app.config.middleware.insert_before 0, "RackStripClientIp::Middleware"
5
+ end
6
+ end
7
+ end
@@ -0,0 +1,3 @@
1
+ module RackStripClientIp
2
+ VERSION = "0.0.1"
3
+ end
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'rack_strip_client_ip/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "rack_strip_client_ip"
8
+ spec.version = RackStripClientIp::VERSION
9
+ spec.authors = ["Alex Tomlins"]
10
+ spec.email = ["alex@tomlins.org.uk"]
11
+ spec.description = %q{rack middleware to remote Client-IP headers. This is to prevent IpSpoofAttackErrors in a Rails app}
12
+ spec.summary = %q{rack middleware to remote Client-IP headers}
13
+ spec.homepage = "https://github.com/alext/rack_strip_client_ip"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency "bundler"
22
+ spec.add_development_dependency "rake"
23
+ spec.add_development_dependency "rack-test", "0.6.2"
24
+ spec.add_development_dependency "rspec", "2.14.1"
25
+ end
@@ -0,0 +1,34 @@
1
+ require 'spec_helper'
2
+ require 'rack/test'
3
+
4
+ require 'rack_strip_client_ip'
5
+
6
+ describe RackStripClientIp::Middleware do
7
+ include Rack::Test::Methods
8
+
9
+ def app
10
+ RackStripClientIp::Middleware.new( proc {|env| @inner_app_env = env.dup; [200, {}, "Inner app response"] } )
11
+ end
12
+
13
+ it "should pass the request to the inner app" do
14
+ get "/"
15
+ expect(last_response.status).to eq(200)
16
+ expect(last_response.body).to match(/Inner app response/)
17
+ expect(@inner_app_env).not_to be_nil
18
+ end
19
+
20
+ it "should remove the Client-Ip header" do
21
+ get "/", {}, {"HTTP_CLIENT_IP" => "1.2.3.4"}
22
+ expect(@inner_app_env["HTTP_CLIENT_IP"]).to be_nil
23
+ end
24
+
25
+ it "should match the Client-Ip header in a case-insensitive manner" do
26
+ get "/", {}, {"HtTp_CLieNT_Ip" => "1.2.3.4"}
27
+ expect(@inner_app_env["HtTp_CLieNT_Ip"]).to be_nil
28
+ end
29
+
30
+ it "should pass other headers through unmodified" do
31
+ get "/", {}, {"HTTP_CLIENT_IP" => "1.2.3.4", "Foo" => "bar"}
32
+ expect(@inner_app_env["Foo"]).to eq("bar")
33
+ end
34
+ end
@@ -0,0 +1,17 @@
1
+ # This file was generated by the `rspec --init` command. Conventionally, all
2
+ # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
3
+ # Require this file using `require "spec_helper"` to ensure that it is only
4
+ # loaded once.
5
+ #
6
+ # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
7
+ RSpec.configure do |config|
8
+ config.treat_symbols_as_metadata_keys_with_true_values = true
9
+ config.run_all_when_everything_filtered = true
10
+ config.filter_run :focus
11
+
12
+ # Run specs in random order to surface order dependencies. If you find an
13
+ # order dependency and want to debug it, you can fix the order by providing
14
+ # the seed, which is printed after each run.
15
+ # --seed 1234
16
+ config.order = 'random'
17
+ end
metadata ADDED
@@ -0,0 +1,132 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rack_strip_client_ip
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Alex Tomlins
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2013-09-02 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: bundler
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ! '>='
20
+ - !ruby/object:Gem::Version
21
+ version: '0'
22
+ type: :development
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ! '>='
28
+ - !ruby/object:Gem::Version
29
+ version: '0'
30
+ - !ruby/object:Gem::Dependency
31
+ name: rake
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ type: :development
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ! '>='
44
+ - !ruby/object:Gem::Version
45
+ version: '0'
46
+ - !ruby/object:Gem::Dependency
47
+ name: rack-test
48
+ requirement: !ruby/object:Gem::Requirement
49
+ none: false
50
+ requirements:
51
+ - - '='
52
+ - !ruby/object:Gem::Version
53
+ version: 0.6.2
54
+ type: :development
55
+ prerelease: false
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - '='
60
+ - !ruby/object:Gem::Version
61
+ version: 0.6.2
62
+ - !ruby/object:Gem::Dependency
63
+ name: rspec
64
+ requirement: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - '='
68
+ - !ruby/object:Gem::Version
69
+ version: 2.14.1
70
+ type: :development
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - '='
76
+ - !ruby/object:Gem::Version
77
+ version: 2.14.1
78
+ description: rack middleware to remote Client-IP headers. This is to prevent IpSpoofAttackErrors
79
+ in a Rails app
80
+ email:
81
+ - alex@tomlins.org.uk
82
+ executables: []
83
+ extensions: []
84
+ extra_rdoc_files: []
85
+ files:
86
+ - .gitignore
87
+ - .rspec
88
+ - Gemfile
89
+ - LICENSE.txt
90
+ - README.md
91
+ - Rakefile
92
+ - lib/rack_strip_client_ip.rb
93
+ - lib/rack_strip_client_ip/middleware.rb
94
+ - lib/rack_strip_client_ip/railtie.rb
95
+ - lib/rack_strip_client_ip/version.rb
96
+ - rack_strip_client_ip.gemspec
97
+ - spec/middleware_spec.rb
98
+ - spec/spec_helper.rb
99
+ homepage: https://github.com/alext/rack_strip_client_ip
100
+ licenses:
101
+ - MIT
102
+ post_install_message:
103
+ rdoc_options: []
104
+ require_paths:
105
+ - lib
106
+ required_ruby_version: !ruby/object:Gem::Requirement
107
+ none: false
108
+ requirements:
109
+ - - ! '>='
110
+ - !ruby/object:Gem::Version
111
+ version: '0'
112
+ segments:
113
+ - 0
114
+ hash: 1162669491065718405
115
+ required_rubygems_version: !ruby/object:Gem::Requirement
116
+ none: false
117
+ requirements:
118
+ - - ! '>='
119
+ - !ruby/object:Gem::Version
120
+ version: '0'
121
+ segments:
122
+ - 0
123
+ hash: 1162669491065718405
124
+ requirements: []
125
+ rubyforge_project:
126
+ rubygems_version: 1.8.23
127
+ signing_key:
128
+ specification_version: 3
129
+ summary: rack middleware to remote Client-IP headers
130
+ test_files:
131
+ - spec/middleware_spec.rb
132
+ - spec/spec_helper.rb