ronin-web-server 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b3dee3ef506c739a9e75e0e5055d5554759de129367000a5b87619e801d4fd2c
-  data.tar.gz: 1695a44b07a156efff8b0611b148b585511fc9d3d844ad18b7834295e9bc3ec0
+  metadata.gz: 7641f362f496605dc130ab2e58bade6d6d22f47224f132d5c963c3f6179ff51e
+  data.tar.gz: ee3cc24d4ecc115259754d441e2d351a9c0ca8d1490468ee993b14f8f8981967
 SHA512:
-  metadata.gz: e192f8ec835cb380ef519ed2b6ddfba88a40b8213fd1fa3f7d5df9b20f6b23cc75fe21b85bea0663fa52a0009a33b9c5b011697c8fc404760cdee5ed11f2a97e
-  data.tar.gz: 06a4928fd050e6c85fc17195739b9c9233ef6c7547e8532d2893fa2257276194e25bb3ac54f92a46fa62f225b51b021ccee84c6426203e4627e777111a60eeea
+  metadata.gz: cce961a47f97df03f1819fa8ab1f601d15a7ab1f86091eca0e6faf663813314e461bb22e458c05ca63f2b21cb5940f3272de8dffcd1515c0d0d1346b0bd43c99
+  data.tar.gz: 57675264ab3fa96514c2330616b2e2f410e1e5fad091989fb2a062c51a126cbb4a06e7ebb77026b767c17bf54a90133ac348bd4faefdc91d0c356dcf5587ceeb

data/.rubocop.yml

@@ -3,152 +3,12 @@ AllCops:
   SuggestExtensions: false
   TargetRubyVersion: 3.1
 
-#
-# our rules
-#
+inherit_gem:
+  rubocop-ronin: rubocop.yml
 
-Layout/FirstArrayElementIndentation: { Exclude: ['spec/**/*'] }
-Layout/LineLength: { Enabled: false }
-Layout/SpaceAroundEqualsInParameterDefault: { EnforcedStyle: no_space }
-Lint/ConstantDefinitionInBlock: { Exclude: ['spec/**/*'] }
-Metrics: { Enabled: false }
-Style/SymbolArray: { EnforcedStyle: brackets }
-Style/IfInsideElse: { Enabled: false } # Offense count: 1
-Style/PercentLiteralDelimiters:
-  Enabled: true
-  PreferredDelimiters:
-    default: '{}'
-    '%i': '[]'
-    '%I': '[]'
-    '%w': '[]'
-    '%W': '[]'
-Style/UnlessElse: { Enabled: false }
-Bundler/OrderedGems: { Enabled: false }
-Style/CaseEquality: { Exclude: ['lib/ronin/web/server/conditions.rb'] }
-Style/Next: { Enabled: false }
-Style/HashSyntax: { Enabled: false }
-Naming/BlockForwarding: { Enabled: false }
-Lint/ReturnInVoidContext: { Enabled: false }
-Gemspec/DeprecatedAttributeAssignment: { Enabled: false }
-Layout/EmptyLineAfterMagicComment: { Enabled: false }
-
-#
-# rules that are in flux
 #
-
-# consider enabling these and autocorrecting?
-# Layout/SpaceAfterComma
-# Layout/SpaceAroundKeyword
-# Layout/SpaceBeforeComma
-# Layout/SpaceInsideHashLiteralBraces
-# Layout/SpaceInsideParens
-# Layout/TrailingWhitespace
-# Lint/UnreachableLoop
-# Lint/UnusedBlockArgument
-# Style/ClassCheck
-# Style/Documentation
-# Style/ExpandPathArguments
-# Style/GlobalStdStream
-# Style/HashSyntax
-# Style/KeywordParametersOrder
-# Style/MethodCallWithoutArgsParentheses
-# Style/MutableConstant
-# Style/QuotedSymbols: { EnforcedStyle: double_quotes }
-# Style/RedundantReturn
-# Style/SafeNavigation
-# Style/SpecialGlobalVars
-# Style/StringLiterals: { EnforcedStyle: double_quotes }
-# Style/WordArray
-
-# these have been fixed
-# Gemspec/DuplicatedAssignment: { Enabled: false } # Offense count: 1
-# Layout/ElseAlignment: { Enabled: false } # Offense count: 1
-# Layout/EndAlignment: { Enabled: false } # Offense count: 1
-# Lint/DuplicateMethods: { Enabled: false } # Offense count: 1
-# Lint/UselessAssignment: { Enabled: false } # Offense count: 1
-# Style/Encoding: { Enabled: false } # Offense count: 2
-# Style/RedundantBegin: { Enabled: false } # Offense count: 2
-# Style/RedundantInterpolation: { Enabled: false } # Offense count: 1
-# Style/TrailingCommaInArrayLiteral: { Enabled: false } # Offense count: 1
-
+# ronin-web-server specific exceptions
 #
-# This list was generated with:
-# bundle exec rubocop --auto-gen-config --exclude-limit 1
-#
-
-# > 10 violations
-Layout/AssignmentIndentation: { Enabled: false } # Offense count: 11
-Layout/EmptyLinesAroundClassBody: { Enabled: false } # Offense count: 76
-Layout/HashAlignment: { Enabled: false } # Offense count: 28
-Layout/SpaceAfterComma: { Enabled: false } # Offense count: 141
-Layout/SpaceInsideHashLiteralBraces: { Enabled: false } # Offense count: 57
-Layout/TrailingWhitespace: { Enabled: false } # Offense count: 50
-Naming/RescuedExceptionsVariableName: { Enabled: false } # Offense count: 11
-Style/BlockDelimiters: { Enabled: false } # Offense count: 17
-Style/ClassCheck: { Enabled: false } # Offense count: 10
-Style/ClassEqualityComparison: { Enabled: false } # Offense count: 16
-Style/FrozenStringLiteralComment: { Enabled: false } # Offense count: 77
-Style/GlobalStdStream: { Enabled: false } # Offense count: 13
-Style/GuardClause: { Enabled: false } # Offense count: 10
-Style/IfUnlessModifier: { Enabled: false } # Offense count: 13
-Style/MethodCallWithoutArgsParentheses: { Enabled: false } # Offense count: 10
-Style/SpecialGlobalVars: { Enabled: false } # Offense count: 28
-Style/StringLiterals: { Enabled: false } # Offense count: 774
-Lint/ElseLayout: { Enabled: false } # Offense count: 22
-
-# < 10 violations
-Layout/EmptyLinesAroundModuleBody: { Enabled: false } # Offense count: 5
-Layout/ExtraSpacing: { Enabled: false } # Offense count: 6
-Layout/FirstHashElementIndentation: { Enabled: false } # Offense count: 4
-Layout/ParameterAlignment: { Enabled: false } # Offense count: 9
-Layout/SpaceAroundKeyword: { Enabled: false } # Offense count: 7
-Layout/SpaceBeforeComma: { Enabled: false } # Offense count: 4
-Layout/SpaceInsideParens: { Enabled: false } # Offense count: 4
-Lint/EmptyClass: { Enabled: false } # Offense count: 3
-Lint/SuppressedException: { Enabled: false } # Offense count: 4
-Lint/UnusedMethodArgument: { Enabled: false } # Offense count: 5
-Style/AccessorGrouping: { Enabled: false } # Offense count: 7
-Style/Documentation: { Enabled: false } # Offense count: 3
-Style/ExpandPathArguments: { Enabled: false } # Offense count: 8
-Style/KeywordParametersOrder: { Enabled: false } # Offense count: 8
-Style/Lambda: { Enabled: false } # Offense count: 3
-Style/MutableConstant: { Enabled: false } # Offense count: 4
-Style/RaiseArgs: { Enabled: false } # Offense count: 4
-Style/RedundantReturn: { Enabled: false } # Offense count: 7
-Style/SafeNavigation: { Enabled: false } # Offense count: 5
-Style/StringConcatenation: { Enabled: false } # Offense count: 8
-Style/WordArray: { Enabled: false } # Offense count: 4
-
-# 1 or 2 violations
-Layout/ArgumentAlignment: { Enabled: false } # Offense count: 1
-Layout/BlockAlignment: { Enabled: false } # Offense count: 1
-Layout/IndentationWidth: { Enabled: false } # Offense count: 2
-Layout/SpaceAroundOperators: { Enabled: false } # Offense count: 1
-Layout/SpaceBeforeBlockBraces: { Enabled: false } # Offense count: 1
-Lint/MissingSuper: { Enabled: false } # Offense count: 2
-Lint/RescueException: { Enabled: false } # Offense count: 1
-Lint/UnreachableLoop: { Enabled: false } # Offense count: 1
-Lint/UnusedBlockArgument: { Enabled: false } # Offense count: 1
-Naming/MethodParameterName: { Enabled: false } # Offense count: 1
-Style/EmptyMethod: { Enabled: false } # Offense count: 2
-Style/HashConversion: { Enabled: false } # Offense count: 1
-Style/MultilineMemoization: { Enabled: false } # Offense count: 1
-Style/NumericPredicate: { Enabled: false } # Offense count: 1
-Style/OptionalArguments: { Enabled: false } # Offense count: 1
-Style/ParenthesesAroundCondition: { Enabled: false } # Offense count: 1
-Style/PreferredHashMethods: { Enabled: false } # Offense count: 1
-Style/QuotedSymbols: { Enabled: false } # Offense count: 1
-Style/RedundantException: { Enabled: false } # Offense count: 1
-Style/RedundantRegexpEscape: { Enabled: false } # Offense count: 1
-Style/RegexpLiteral: { Enabled: false } # Offense count: 1
-Style/RescueStandardError: { Enabled: false } # Offense count: 1
-Style/SoleNestedConditional: { Enabled: false } # Offense count: 1
-Style/TrailingCommaInHashLiteral: { Enabled: false } # Offense count: 2
-
-# rubocop cannot tell that rubygems_mfa_required is enabled in gemspec.yml
-Gemspec/RequireMFA: { Enabled: false }
-
-# make an exception for our gemspec code
-Gemspec/DuplicatedAssignment:
+Style/CaseEquality:
   Exclude:
-    - 'ronin-web-server.gemspec'
+    - 'lib/ronin/web/server/conditions.rb'

data/ChangeLog.md

@@ -1,4 +1,11 @@
-### 0.1.0 / 2023-XX-XX
+### 0.1.1 / 2023-03-01
+
+* Correctly set the `bind` setting in {Ronin::Web::Server::Base} to ensure it
+  will always listen on `0.0.0.0`.
+* Allow `directory` and `mount` to accept directory paths ending with a `/`.
+* Increased test coverage.
+
+### 0.1.0 / 2023-02-01
 
 * Extracted and refactored from [ronin-web](https://github.com/ronin-rb/ronin-web/tree/v0.3.0.rc1).
 * Relicensed as LGPL-3.0.

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gemspec
@@ -28,8 +30,9 @@ group :development do
   gem 'yard',            '~> 0.9'
   gem 'yard-spellcheck', require: false
 
-  gem 'dead_end',       require: false
-  gem 'sord',           require: false, platform: :mri
-  gem 'stackprof',      require: false, platform: :mri
-  gem 'rubocop',        require: false
+  gem 'dead_end',        require: false
+  gem 'sord',            require: false, platform: :mri
+  gem 'stackprof',       require: false, platform: :mri
+  gem 'rubocop',         require: false, platform: :mri
+  gem 'rubocop-ronin',   require: false, platform: :mri
 end

data/README.md

@@ -59,7 +59,7 @@ security research and development.
   * [os_version][docs-os_version] - matches the OS version from the `User-Agent`
     header of the request.
 * Has 97% documentation coverage.
-* Has 85% test coverage.
+* Has 90% test coverage.
 
 [docs-any]: https://ronin-rb.dev/docs/ronin-web-server/Ronin/Web/Server/Routing/ClassMethods.html#any-instance_method
 [docs-default]: https://ronin-rb.dev/docs/ronin-web-server/Ronin/Web/Server/Routing/ClassMethods.html#default-instance_method

data/Rakefile

@@ -1,4 +1,4 @@
-require 'rubygems'
+# frozen_string_literal: true
 
 begin
   require 'bundler'

data/lib/ronin/web/server/base.rb

@@ -94,28 +94,28 @@ module Ronin
       #   based on the OS version within the `User-Agent` header.
       #
       # ## Examples
-      #   
+      #
       #   require 'ronin/web/server'
-      #   
+      #
       #   class App < Ronin::Web::Server::Base
-      #   
+      #
       #     # mount a file
       #     file '/sitemap.xml', './files/sitemap.xml'
       #
       #     # mount a directory
       #     directory '/downloads/', '/tmp/downloads/'
-      #   
+      #
       #     get '/' do
       #       # renders views/index.erb
       #       erb :index
       #     end
-      #   
+      #
       #     get '/test' do
       #       "raw text here"
       #     end
-      #   
+      #
       #   end
-      #   
+      #
       #   App.run!
       #
       class Base < Sinatra::Base
@@ -132,7 +132,7 @@ module Ronin
 
         use Rack::UserAgent
 
-        set :host, DEFAULT_HOST
+        set :bind, DEFAULT_HOST
         set :port, DEFAULT_PORT
 
         before do

data/lib/ronin/web/server/conditions.rb

@@ -279,7 +279,7 @@ module Ronin
           #
           # @example Match versions of Chrome with known vulnerabilities:
           #   vuln_versions = File.readlines('chrome_versions.txt', chomp: true)
-          #   
+          #
           #   get '/path', browser: :chrome, browser_version: vuln_versions do
           #     # ...
           #   end
@@ -415,7 +415,7 @@ module Ronin
           #
           # @example Match versions of Android with known vulnerabilities:
           #   vuln_versions = File.readlines('android_versions.txt', chomp: true)
-          #   
+          #
           #   get '/path', os: :android, os_version: vuln_versions do
           #     # ...
           #   end

data/lib/ronin/web/server/helpers.rb

@@ -28,7 +28,6 @@ module Ronin
       # Provides Sinatra routing and helper methods.
       #
       module Helpers
-
         include Rack::Utils
         include Sinatra::Helpers
 

data/lib/ronin/web/server/request.rb

@@ -63,6 +63,7 @@ module Ronin
             if name =~ /^HTTP_/
               header_words = name[5..].split('_')
               header_words.each(&:capitalize!)
+
               header_name = header_words.join('-')
 
               headers[header_name] = value

data/lib/ronin/web/server/reverse_proxy.rb

@@ -38,7 +38,7 @@ module Ronin
       #       proxy.on_request do |request|
       #         # ...
       #       end
-      #    
+      #
       #       proxy.on_response do |response|
       #         # ...
       #       end
@@ -48,9 +48,9 @@ module Ronin
       # ### App
       #
       #     class App < Ronin::Web::Server::Base
-      #     
+      #
       #       mount '/signin', Ronin::Web::Server::ReverseProxy.new
-      #     
+      #
       #     end
       #
       # @api public
@@ -179,10 +179,11 @@ module Ronin
           headers = request.headers
           body    = request.body.read
 
-          http = connection_for(host,port, ssl: ssl)
+          http          = connection_for(host,port, ssl: ssl)
           http_response = http.request(method,path, query:   query,
                                                     headers: headers,
                                                     body:    body)
+
           response_headers = {}
 
           http_response.each_capitalized do |name,value|
@@ -228,12 +229,12 @@ module Ronin
         def run!(host: DEFAULT_HOST, port: DEFAULT_PORT, server: DEFAULT_SERVER,
                  **rack_options)
           server = Rack::Server.new(
-            app:    self,
-            server: server,
-            Host:   host,
-            Port:   port,
-            **rack_options
-          )
+                     app:    self,
+                     server: server,
+                     Host:   host,
+                     Port:   port,
+                     **rack_options
+                   )
 
           server.start do |handler|
             trap(:INT)  { quit!(server,handler) }

data/lib/ronin/web/server/routing.rb

@@ -84,7 +84,7 @@ module Ronin
           #   default do
           #     status 200
           #     content_type :html
-          #     
+          #
           #     %{
           #     <html>
           #       <body>
@@ -120,7 +120,7 @@ module Ronin
           #
           def basic_auth(auth_user,auth_password, realm: 'Restricted')
             use Rack::Auth::Basic, realm do |user,password|
-              user == auth_user && passwrd == auth_password
+              user == auth_user && password == auth_password
             end
           end
 
@@ -145,10 +145,10 @@ module Ronin
           #
           # Hosts the contents of a file.
           #
-          # @param [String, Regexp] remote_path
+          # @param [String, Regexp] path
           #   The path the web server will host the file at.
           #
-          # @param [String] local_path
+          # @param [String] local_file
           #   The path to the local file.
           #
           # @param [Hash{Symbol => Object}] conditions
@@ -159,17 +159,17 @@ module Ronin
           #
           # @api public
           #
-          def file(remote_path,local_path,conditions={})
-            get(remote_path,conditions) { send_file(local_path) }
+          def file(path,local_file,conditions={})
+            get(path,conditions) { send_file(local_file) }
           end
 
           #
           # Hosts the contents of the directory.
           #
-          # @param [String] remote_path
+          # @param [String] path
           #   The path the web server will host the directory at.
           #
-          # @param [String] local_path
+          # @param [String] local_dir
           #   The path to the local directory.
           #
           # @param [Hash{Symbol => Object}] conditions
@@ -180,10 +180,11 @@ module Ronin
           #
           # @api public
           #
-          def directory(remote_path,local_path,conditions={})
-            dir = Rack::File.new(local_path)
+          def directory(path,local_dir,conditions={})
+            path = path.chomp('/')
+            dir  = Rack::File.new(local_dir)
 
-            get("#{remote_path}/*",conditions) do |sub_path|
+            get("#{path}/*",conditions) do |sub_path|
               response = dir.call(env.merge('PATH_INFO' => "/#{sub_path}"))
 
               if response[0] == 200 then response
@@ -207,7 +208,7 @@ module Ronin
           # @api public
           #
           def public_dir(path,conditions={})
-            directory('',path,conditions)
+            directory('/',path,conditions)
           end
 
           #
@@ -250,6 +251,8 @@ module Ronin
           # @api public
           #
           def mount(dir,app,conditions={})
+            dir = dir.chomp('/')
+
             any("#{dir}/?*",conditions) do |sub_path|
               app.call(env.merge('PATH_INFO' => "/#{sub_path}"))
             end

data/lib/ronin/web/server/version.rb

@@ -22,7 +22,7 @@ module Ronin
   module Web
     module Server
       # ronin-web-server version
-      VERSION = '0.1.0'
+      VERSION = '0.1.1'
     end
   end
 end

data/lib/ronin/web/server.rb

@@ -22,6 +22,11 @@ require 'ronin/web/server/base'
 require 'ronin/web/server/app'
 
 module Ronin
+  #
+  # Namespace for [ronin-web].
+  #
+  # [ronin-web]: https://github.com/ronin-rb/ronin-web#readme
+  #
   module Web
     #
     # Returns the Ronin Web Server.

data/ronin-web-server.gemspec

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'yaml'
 
 Gem::Specification.new do |gem|
@@ -20,7 +22,7 @@ Gem::Specification.new do |gem|
   gem.homepage    = gemspec['homepage']
   gem.metadata    = gemspec['metadata'] if gemspec['metadata']
 
-  glob = lambda { |patterns| gem.files & Dir[*patterns] }
+  glob = ->(patterns) { gem.files & Dir[*patterns] }
 
   gem.files  = `git ls-files`.split($/)
   gem.files  = glob[gemspec['files']] if gemspec['files']
@@ -44,7 +46,7 @@ Gem::Specification.new do |gem|
   gem.required_rubygems_version = gemspec['required_rubygems_version']
   gem.post_install_message      = gemspec['post_install_message']
 
-  split = lambda { |string| string.split(/,\s*/) }
+  split = ->(string) { string.split(/,\s*/) }
 
   if gemspec['dependencies']
     gemspec['dependencies'].each do |name,versions|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ronin-web-server
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Postmodern
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-02-01 00:00:00.000000000 Z
+date: 2023-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: webrick