reputable 0.1.18 → 0.1.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +0 -38
- data/lib/reputable/configuration.rb +1 -21
- data/lib/reputable/middleware.rb +0 -34
- data/lib/reputable/version.rb +1 -1
- metadata +1 -1
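--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ffc332f72eed47a768d73dae0cac8a2efbbf73de0b41115fcf064ac046cfcc93
+data.tar.gz: 42abaea0b5b896a54611ebc43946751fc2a303c62f94d4d199345afe846d88a1
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f2fd4c2f08d86b89a19d0676d372f4b63f71ad70fe6c426c313e25cf48786544c6ca58ae729981ed4525d9dd8881c757b8c07810ea7984e405c133e82608ed23
+data.tar.gz: 8e16c4839f384c4dbd4709996efab5e542a8f792522e283b2f3fcdb2db1eab2f13e149556f2f369ef23dc73d2cef7da83515fb95e69eca8a8e86de041afc4544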
data/Gemfile.lock
CHANGED
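--- a/data/README.md
+++ b/data/README.md
@@ -305,44 +305,6 @@ Notes:
 - Use `blocked_page_path` only for local blocked pages (or to build a custom `failure_url`).
 - Override `challenge_redirect_status` (default `302`) or `verification_force_challenge` if needed.
 
-### ASN Fallback
-
-When an IP has no reputation, the middleware can fall back to checking ASN reputation. This is useful for blocking/challenging entire ASNs (e.g., datacenter ASNs known for abuse).
-
-**Enable via environment variable:**
-```bash
-REPUTABLE_ASN_FALLBACK=true
-REPUTABLE_ASN_HEADER=HTTP_X_ASN # Optional, defaults to HTTP_X_ASN
-```
-
-**Enable via configuration:**
-```ruby
-Reputable.configure do |config|
-config.asn_fallback = true
-config.asn_header = "HTTP_X_ASN" # Or HTTP_CF_ASN for Cloudflare, etc.
-end
-```
-
-**Enable via middleware option:**
-```ruby
-config.middleware.use Reputable::Middleware,
-reputation_gate: true,
-asn_fallback: true
-```
-
-**How it works:**
-1. Middleware looks up IP reputation first
-2. If IP has no reputation and ASN fallback is enabled, it extracts ASN from the configured header
-3. If ASN has a reputation (blocked, challenged), that decision is applied
-4. The `env['reputable.reputation_source']` is set to `'asn'` when using ASN-based decision
-
-**Providing ASN from your app:**
-If your app has its own GeoIP lookup, set the ASN directly:
-```ruby
-# In a before_action or middleware
-request.env['reputable.asn'] = lookup_asn_for_ip(request.remote_ip)
-```
-
 ### Server/JS Request Reconciliation
 
 When using both server-side tracking (Rack middleware) and client-side JavaScript tracking, requests can be double-counted. The reconciliation system prevents this by correlating requests using a unique `request_id`.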
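--- a/data/lib/reputable/configuration.rb
+++ b/data/lib/reputable/configuration.rb
@@ -15,8 +15,7 @@ module Reputable
 :connect_timeout, :read_timeout, :write_timeout,
 :ssl_params, :trusted_proxies, :ip_header_priority,
 :on_error, :trusted_keys, :base_url,
-:site_name, :support_email, :support_url
-:asn_fallback, :asn_header
+:site_name, :support_email, :support_url
 
 # Alias for backward compatibility
 alias_method :verification_base_url, :base_url
@@ -83,10 +82,6 @@ module Reputable
 @site_name = ENV["REPUTABLE_SITE_NAME"]
 @support_email = ENV["REPUTABLE_SUPPORT_EMAIL"]
 @support_url = ENV["REPUTABLE_SUPPORT_URL"]
-
-# ASN fallback: when IP has no reputation, check ASN reputation
-@asn_fallback = env_truthy?("REPUTABLE_ASN_FALLBACK")
-@asn_header = ENV.fetch("REPUTABLE_ASN_HEADER", "HTTP_X_ASN")
 end
 
 # Alias for backward compatibility
@@ -163,20 +158,5 @@ module Reputable
 rescue IPAddr::InvalidAddressError
 false
 end
-
-# Check if ASN fallback is enabled
-def asn_fallback?
-@asn_fallback
-end
-
-private
-
-# Helper to check if an environment variable is truthy
-def env_truthy?(name)
-value = ENV[name]
-return false if value.nil?
-
-%w[1 true yes on enabled].include?(value.to_s.downcase)
-end
 end
 end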
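Review bot: With `:asn_fallback, :asn_header` gone from what looks like the accessor list in the first hunk, an initializer that still sets `config.asn_fallback = true` will presumably fail with NoMethodError on upgrade, whereas `REPUTABLE_ASN_FALLBACK=true` and the `asn_fallback:` middleware option are simply no longer read, so ASN-based block or challenge decisions stop being applied without any signal to the operator. For a patch-level release that drops a gating control, I would keep a warning shim such as `def asn_fallback=(_value); warn "[reputable] asn_fallback is no longer supported and is ignored"; end` and emit the same warning once when `ENV["REPUTABLE_ASN_FALLBACK"]` is set. The same silent change applies to the middleware.rb section, where the fallback branch after `lookup_ip` is removed. The accessor list and the initializer both begin and end outside these hunks.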
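--- a/data/lib/reputable/middleware.rb
+++ b/data/lib/reputable/middleware.rb
@@ -60,7 +60,6 @@ module Reputable
 @blocked_page_options = options.fetch(:blocked_page, {})
 @blocked_page_path = options[:blocked_page_path]
 @ignore_xhr = options.fetch(:ignore_xhr, false)
-@asn_fallback = options.key?(:asn_fallback) ? options[:asn_fallback] : nil
 end
 
 def call(env)
@@ -319,17 +318,6 @@ module Reputable
 ip = extract_ip(env)
 env["reputable.ip"] = ip
 status = Reputable::Reputation.lookup_ip(ip)
-
-# Fallback to ASN reputation if IP has no status and ASN fallback is enabled
-if status.nil? && asn_fallback_enabled?
-asn = extract_asn(env)
-if asn
-env["reputable.asn"] = asn
-status = Reputable::Reputation.lookup_asn(asn)
-env["reputable.reputation_source"] = "asn" if status
-end
-end
-
 env["reputable.reputation_status"] = status
 env["reputable.ignore_analytics"] = status.to_s.start_with?("untrusted")
 status
@@ -339,28 +327,6 @@ module Reputable
 nil
 end
 
-def asn_fallback_enabled?
-# Middleware option takes precedence, then config
-return @asn_fallback unless @asn_fallback.nil?
-
-Reputable.configuration.asn_fallback?
-end
-
-def extract_asn(env)
-# First check if app explicitly set it
-return env["reputable.asn"] if env["reputable.asn"]
-
-# Then check the configured header
-header = Reputable.configuration.asn_header
-value = env[header]
-return nil if value.nil? || value.empty?
-
-# Normalize: strip "AS" prefix if present
-value.to_s.strip.sub(/^AS/i, "")
-rescue StandardError
-nil
-end
-
 def blocked_page_options
 config = Reputable.configuration
 defaults = {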
data/lib/reputable/version.rb
CHANGED