ssrf_filter 1.0.6 → 1.0.7

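--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
- SHA1:
- metadata.gz: 2e7c6b603a075892984767c0e84bdc31acef8a94
- data.tar.gz: ad328c0f06c37ab4ce7f33610e5f6b16ee0a3537
+ SHA256:
+ metadata.gz: 17984597a9ad2c3dd852793334951478090086e5c6b7f86d67cf827fa98bff4c
+ data.tar.gz: 99c09e926f2b2c3a040dd0deed245ebb005f6cb242a185a7bca15592183f0b82
  SHA512:
- metadata.gz: 553c787de96785842f54c22f4ca9ae85b417ce38139ee93daa95deea1f0ca39383150bc242099d63fa4cea9161508cc4f58e27e06bcc5958bca1d58e7fed1744
- data.tar.gz: f010ffafa1cdf23f45426f33b37eda10df5ad4ac27bef1e4d79851728c2ce3a24e52b62cb8b2c03a11400a0b7db29329672d6be101562d03152df3f0a1641eb5
+ metadata.gz: ad60b8c2efaca1de0b7d89de0102eef87d23c65d1c6b73e674092e7740e8c5fe1a006801c648529bf9150eb590df9b3c160af519b666176f41697ef69218918e
+ data.tar.gz: '062843311bfdb75b9de842fb29e4864da4a4acc4c41d454fec593ee3c0a86f306cddd30d4cc9c46b6d6b169b2e3e3480c2e8499cb637eaf97d96afa534b41569'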
@@ -27,6 +27,7 @@ class SsrfFilter
27
27
 
28
28
  def self.apply!
29
29
  return if instance_variable_defined?(:@patched_ssl_socket)
30
+
30
31
  @patched_ssl_socket = true
31
32
 
32
33
  ::OpenSSL::SSL::SSLSocket.class_eval do
@@ -53,11 +53,12 @@ class SsrfFilter
53
53
  ::IPAddr.new('2002::/16'), # 6to4
54
54
  ::IPAddr.new('fc00::/7'), # Unique local address
55
55
  ::IPAddr.new('fe80::/10'), # Link-local address
56
- ::IPAddr.new('ff00::/8'), # Multicast
56
+ ::IPAddr.new('ff00::/8') # Multicast
57
57
  ] + IPV4_BLACKLIST.flat_map do |ipaddr|
58
58
  prefixlen = prefixlen_from_ipaddr(ipaddr)
59
59
 
60
- ipv4_compatible = ipaddr.ipv4_compat.mask(96 + prefixlen)
60
+ # Don't call ipaddr.ipv4_compat because it prints out a deprecation warning on ruby 2.5+
61
+ ipv4_compatible = IPAddr.new(ipaddr.to_i, Socket::AF_INET6).mask(96 + prefixlen)
61
62
  ipv4_mapped = ipaddr.ipv4_mapped.mask(80 + prefixlen)
62
63
 
63
64
  [ipv4_compatible, ipv4_mapped]
@@ -188,9 +189,11 @@ class SsrfFilter
188
189
  block.call(request) if block_given?
189
190
  validate_request(request)
190
191
 
191
- use_ssl = uri.scheme == 'https'
192
+ http_options = options[:http_options] || {}
193
+ http_options[:use_ssl] = (uri.scheme == 'https')
194
+
192
195
  with_forced_hostname(hostname) do
193
- ::Net::HTTP.start(uri.hostname, uri.port, use_ssl: use_ssl) do |http|
196
+ ::Net::HTTP.start(uri.hostname, uri.port, http_options) do |http|
194
197
  http.request(request)
195
198
  end
196
199
  end
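Review bot: The added `http_options[:use_ssl] = (uri.scheme == 'https')` writes into the hash the caller supplied as `options[:http_options]`, so a frozen hash raises and a hash reused across calls is silently modified; building a copy avoids both: `http_options = (options[:http_options] || {}).merge(use_ssl: uri.scheme == 'https')`. Because the whole hash is now handed to `::Net::HTTP.start`, it should be documented as trusted configuration only: a setting such as `verify_mode` can relax the TLS verification this request otherwise keeps, and the address filtering presumably relies on the connection parameters not being overridden. The enclosing method starts and ends outside the hunk. In the earlier hunk of what appears to be the same file, the added `IPAddr.new(ipaddr.to_i, Socket::AF_INET6)` drops the leading `::` that the neighbouring `::IPAddr.new(...)` entries use.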
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  class SsrfFilter
4
- VERSION = '1.0.6'.freeze
4
+ VERSION = '1.0.7'.freeze
5
5
  end
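--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: ssrf_filter
  version: !ruby/object:Gem::Version
- version: 1.0.6
+ version: 1.0.7
  platform: ruby
  authors:
  - Arkadiy Tetelman
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2018-02-25 00:00:00.000000000 Z
+ date: 2019-10-21 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler-audit
@@ -16,70 +16,70 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.6.0
+ version: 0.6.1
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.6.0
+ version: 0.6.1
  - !ruby/object:Gem::Dependency
  name: coveralls
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.8.0
+ version: 0.8.22
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.8.0
+ version: 0.8.22
  - !ruby/object:Gem::Dependency
  name: rspec
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.7.0
+ version: 3.8.0
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.7.0
+ version: 3.8.0
  - !ruby/object:Gem::Dependency
  name: webmock
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.3.0
+ version: 3.5.1
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.3.0
+ version: 3.5.1
  - !ruby/object:Gem::Dependency
  name: rubocop
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.52.0
+ version: 0.65.0
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.52.0
+ version: 0.65.0
  description: A gem that makes it easy to prevent server side request forgery (SSRF)
  attacks
  email:
@@ -111,8 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubyforge_project:
- rubygems_version: 2.6.14
+ rubygems_version: 3.0.3
  signing_key:
  specification_version: 4
  summary: A gem that makes it easy to prevent server side request forgery (SSRF) attacks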