ssrf_filter 1.0.3 → 1.0.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/ssrf_filter/ssrf_filter.rb +2 -0
  3. data/lib/ssrf_filter/version.rb +1 -1
  4. metadata +13 -13
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 110624c7d984dd91dfb079a1f86dab09573f77d1
4
- data.tar.gz: 21b005a50f8d9729854d9250bd9e1d1f328c5199
3
+ metadata.gz: f57642f5402d0d925c747c263c95da4044d92780
4
+ data.tar.gz: b0b5053f7409d747e67e5cea7aa18cac907078dd
5
5
  SHA512:
6
- metadata.gz: 04e68d9693c439e9419c61bd69f09e4c0b341076f81dfa093d924134469694648b71ffa4d553de1e4da0da2089df332055567eacd535d18072eaaca668012fa3
7
- data.tar.gz: acb0ce774ad36f5fed558d74b43ac6e111f48a00afff78f6d23d1c5c5ba1bbb778b4d545fa989dc74fe3f5417416ead1e3b107af7c2f30128ac21717dfc23d62
6
+ metadata.gz: 0d65077b80b68974821ac24768cf5c75bfbef01bc9642703da702694f76f4ec15f74d61945d3a7db5d1df76b0fe1f5bf2f86001d903e1a4a0ca8f405f3f47365
7
+ data.tar.gz: 6e6de13a260d79c16ea4ca7a890071e6b2135721f19e081ceb15e64cdbccbeca36478674dad4157cbe5efbd3ef566fa954fef077a295fa9c6c8daeb8495a52a9
data/lib/ssrf_filter/ssrf_filter.rb CHANGED
@@ -125,6 +125,8 @@ class SsrfFilter
125
125
  case response
126
126
  when ::Net::HTTPRedirection then
127
127
  url = response['location']
128
+ # Handle relative redirects
129
+ url = "#{uri.scheme}://#{hostname}:#{uri.port}#{url}" if url.start_with?('/')
128
130
  else
129
131
  return response
130
132
  end
data/lib/ssrf_filter/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  class SsrfFilter
4
- VERSION = '1.0.3'.freeze
4
+ VERSION = '1.0.4'.freeze
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ssrf_filter
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.3
4
+ version: 1.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Arkadiy Tetelman
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-12-05 00:00:00.000000000 Z
11
+ date: 2018-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler-audit
@@ -16,70 +16,70 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '0.6'
19
+ version: 0.6.0
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '0.6'
26
+ version: 0.6.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: coveralls
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: '0.8'
33
+ version: 0.8.0
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: '0.8'
40
+ version: 0.8.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rspec
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: '3.7'
47
+ version: 3.7.0
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: '3.7'
54
+ version: 3.7.0
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: webmock
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: '3.1'
61
+ version: 3.2.0
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: '3.1'
68
+ version: 3.2.0
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rubocop
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
73
  - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: '0.51'
75
+ version: 0.52.0
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: '0.51'
82
+ version: 0.52.0
83
83
  description: A gem that makes it easy to prevent server side request forgery (SSRF)
84
84
  attacks
85
85
  email:
@@ -110,7 +110,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
110
110
  version: '0'
111
111
  requirements: []
112
112
  rubyforge_project:
113
- rubygems_version: 2.6.12
113
+ rubygems_version: 2.6.14
114
114
  signing_key:
115
115
  specification_version: 4
116
116
  summary: A gem that makes it easy to prevent server side request forgery (SSRF) attacks