RubyGems - ssrf_filter - Versions diffs - 1.0.4 → 1.0.5 - Mend

ssrf_filter 1.0.4 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/ssrf_filter/ssrf_filter.rb +12 -2
data/lib/ssrf_filter/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f57642f5402d0d925c747c263c95da4044d92780
-  data.tar.gz: b0b5053f7409d747e67e5cea7aa18cac907078dd
+  metadata.gz: 59270dd5ca4e6fdf5e70fc74e2c1593eea7cd861
+  data.tar.gz: f23dbbcc57ea0114ae1220e22f93b5f1fa7910da
 SHA512:
-  metadata.gz: 0d65077b80b68974821ac24768cf5c75bfbef01bc9642703da702694f76f4ec15f74d61945d3a7db5d1df76b0fe1f5bf2f86001d903e1a4a0ca8f405f3f47365
-  data.tar.gz: 6e6de13a260d79c16ea4ca7a890071e6b2135721f19e081ceb15e64cdbccbeca36478674dad4157cbe5efbd3ef566fa954fef077a295fa9c6c8daeb8495a52a9
+  metadata.gz: c6ed09a682cd405c1cf06429b173f87965ff67231bd748a9520ee4c9fe8ed27d84df373abd917c3c25935dfcee984f5cc5c1b4b327548accd3694b6587ce9249
+  data.tar.gz: 73697be1c1619bda43e8fc7c517380f0f40155de9f20012d79390a58ef9122bec392a443661e0ffae93fb48a04a6aa6bc874b8a7aea9d1a59a1e8c460c317881

data/lib/ssrf_filter/ssrf_filter.rb CHANGED Viewed

@@ -152,6 +152,17 @@ class SsrfFilter
   end
   private_class_method :ipaddr_has_mask?
+  def self.host_header(hostname, uri)
+    # Attach port for non-default as per RFC2616
+    if (uri.port == 80 && uri.scheme == 'http') ||
+       (uri.port == 443 && uri.scheme == 'https')
+      hostname
+    else
+      "#{hostname}:#{uri.port}"
+    end
+  end
+  private_class_method :host_header
   def self.fetch_once(uri, ip, verb, options, &block)
     if options[:params]
       params = uri.query ? ::Hash[::URI.decode_www_form(uri.query)] : {}
@@ -163,8 +174,7 @@ class SsrfFilter
     uri.hostname = ip
     request = VERB_MAP[verb].new(uri)
-    # Attach port for non-80 as per RFC2616
-    request['host'] = uri.port == 80 ? hostname : "#{hostname}:#{uri.port}"
+    request['host'] = host_header(hostname, uri)
     Array(options[:headers]).each do |header, value|
       request[header] = value

data/lib/ssrf_filter/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 class SsrfFilter
-  VERSION = '1.0.4'.freeze
+  VERSION = '1.0.5'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ssrf_filter
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 1.0.5
 platform: ruby
 authors:
 - Arkadiy Tetelman
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-01-17 00:00:00.000000000 Z
+date: 2018-01-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler-audit