unxf 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +6 -0
- data/.gitignore +8 -0
- data/.wrongdoc.yml +4 -0
- data/COPYING +674 -0
- data/GIT-VERSION-GEN +40 -0
- data/GNUmakefile +11 -0
- data/LICENSE +18 -0
- data/README +14 -0
- data/lib/unxf.rb +67 -0
- data/pkg.mk +175 -0
- data/setup.rb +1586 -0
- data/test/test_unxf.rb +85 -0
- data/unxf.gemspec +27 -0
- metadata +137 -0
data/test/test_unxf.rb
ADDED
@@ -0,0 +1,85 @@
|
|
1
|
+
require "test/unit"
|
2
|
+
require "logger"
|
3
|
+
require "stringio"
|
4
|
+
require "rack"
|
5
|
+
require "rack/lobster"
|
6
|
+
require "unxf"
|
7
|
+
|
8
|
+
class TestUnXF < Test::Unit::TestCase
|
9
|
+
|
10
|
+
def setup
|
11
|
+
@env = nil
|
12
|
+
@io = StringIO.new
|
13
|
+
@req = { "rack.logger" => Logger.new(@io) }
|
14
|
+
app = lambda { |env| @env = env; [ 200, {}, [] ] }
|
15
|
+
@app = Rack::ContentLength.new(Rack::ContentType.new(app, 'text/plain'))
|
16
|
+
end
|
17
|
+
|
18
|
+
def test_single_proxy
|
19
|
+
req = Rack::MockRequest.new(UnXF.new(@app))
|
20
|
+
env = {
|
21
|
+
"HTTP_X_FORWARDED_FOR" => "0.6.6.6",
|
22
|
+
"REMOTE_ADDR" => "127.0.0.1",
|
23
|
+
}
|
24
|
+
r = req.get("http://example.com/", @req.merge(env))
|
25
|
+
assert_equal 200, r.status.to_i
|
26
|
+
assert_equal "0.6.6.6", @env["REMOTE_ADDR"]
|
27
|
+
assert ! @env.key?("HTTP_X_FORWARDED_FOR")
|
28
|
+
end
|
29
|
+
|
30
|
+
def test_multiple_proxies
|
31
|
+
req = Rack::MockRequest.new(UnXF.new(@app))
|
32
|
+
env = {
|
33
|
+
"HTTP_X_FORWARDED_FOR" => "0.6.6.6,192.168.1.1",
|
34
|
+
"REMOTE_ADDR" => "127.0.0.1",
|
35
|
+
}
|
36
|
+
r = req.get("http://example.com/", @req.merge(env))
|
37
|
+
assert_equal "0.6.6.6", @env["REMOTE_ADDR"]
|
38
|
+
assert_equal 200, r.status.to_i
|
39
|
+
assert ! @env.key?("HTTP_X_FORWARDED_FOR")
|
40
|
+
end
|
41
|
+
|
42
|
+
def test_spoofed
|
43
|
+
req = Rack::MockRequest.new(UnXF.new(@app))
|
44
|
+
env = {
|
45
|
+
"HTTP_X_FORWARDED_FOR" => "0.6.6.6",
|
46
|
+
"REMOTE_ADDR" => "227.0.0.1",
|
47
|
+
}
|
48
|
+
r = req.get("http://example.com/", @req.merge(env))
|
49
|
+
assert_equal r.status.to_i, 400
|
50
|
+
end
|
51
|
+
|
52
|
+
def test_trusted_chain
|
53
|
+
req = Rack::MockRequest.new(UnXF.new(@app))
|
54
|
+
env = {
|
55
|
+
"HTTP_X_FORWARDED_FOR" => "0.6.6.6,192.168.0.1",
|
56
|
+
"REMOTE_ADDR" => "127.0.0.1",
|
57
|
+
}
|
58
|
+
r = req.get("http://example.com/", @req.merge(env))
|
59
|
+
assert_equal 200, r.status.to_i
|
60
|
+
assert_equal "0.6.6.6", @env["REMOTE_ADDR"]
|
61
|
+
assert ! @env.key?("HTTP_X_FORWARDED_FOR")
|
62
|
+
end
|
63
|
+
|
64
|
+
def test_spoofed_in_chain
|
65
|
+
req = Rack::MockRequest.new(UnXF.new(@app))
|
66
|
+
env = {
|
67
|
+
"HTTP_X_FORWARDED_FOR" => "0.6.6.6,8.8.8.8",
|
68
|
+
"REMOTE_ADDR" => "127.0.0.1",
|
69
|
+
}
|
70
|
+
r = req.get("http://example.com/", @req.merge(env))
|
71
|
+
assert_equal r.status.to_i, 400
|
72
|
+
assert_match /0\.6\.6\.6,8\.8\.8\.8/, @io.string
|
73
|
+
end
|
74
|
+
|
75
|
+
def test_spoofed_null_safe
|
76
|
+
req = Rack::MockRequest.new(UnXF.new(@app))
|
77
|
+
env = {
|
78
|
+
"HTTP_X_FORWARDED_FOR" => "\0.6.6.6,8.8.8.8",
|
79
|
+
"REMOTE_ADDR" => "127.0.0.1",
|
80
|
+
}
|
81
|
+
r = req.get("http://example.com/", @req.merge(env))
|
82
|
+
assert_equal r.status.to_i, 400
|
83
|
+
assert_match /\\x00\.6\.6\.6,8\.8\.8\.8/, @io.string
|
84
|
+
end
|
85
|
+
end
|
data/unxf.gemspec
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
ENV["VERSION"] or abort "VERSION= must be specified"
|
2
|
+
manifest = File.readlines('.manifest').map! { |x| x.chomp! }
|
3
|
+
test_files = manifest.grep(%r{\Atest/test_.*\.rb\z})
|
4
|
+
require 'wrongdoc'
|
5
|
+
extend Wrongdoc::Gemspec
|
6
|
+
name, summary, title = readme_metadata
|
7
|
+
|
8
|
+
Gem::Specification.new do |s|
|
9
|
+
s.name = %q{unxf}
|
10
|
+
s.version = ENV["VERSION"].dup
|
11
|
+
s.homepage = Wrongdoc.config[:rdoc_url]
|
12
|
+
s.authors = ["#{name} hackers"]
|
13
|
+
s.date = Time.now.utc.strftime('%Y-%m-%d')
|
14
|
+
s.description = readme_description
|
15
|
+
s.email = %q{unxf@librelist.org}
|
16
|
+
s.extra_rdoc_files = extra_rdoc_files(manifest)
|
17
|
+
s.files = manifest
|
18
|
+
s.rdoc_options = rdoc_options
|
19
|
+
s.rubyforge_project = %q{rainbows}
|
20
|
+
s.summary = summary
|
21
|
+
s.test_files = test_files
|
22
|
+
s.add_dependency('rack', '~> 1.1')
|
23
|
+
s.add_development_dependency('wrongdoc', '~> 1.5')
|
24
|
+
s.add_development_dependency('rpatricia', '~> 0.07')
|
25
|
+
|
26
|
+
# s.license = %w(GPL) # disabled for compatibility with older RubyGems
|
27
|
+
end
|
metadata
ADDED
@@ -0,0 +1,137 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: unxf
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 23
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 1
|
8
|
+
- 0
|
9
|
+
- 0
|
10
|
+
version: 1.0.0
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- UnXF hackers
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2011-05-24 00:00:00 Z
|
19
|
+
dependencies:
|
20
|
+
- !ruby/object:Gem::Dependency
|
21
|
+
name: rack
|
22
|
+
prerelease: false
|
23
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
24
|
+
none: false
|
25
|
+
requirements:
|
26
|
+
- - ~>
|
27
|
+
- !ruby/object:Gem::Version
|
28
|
+
hash: 13
|
29
|
+
segments:
|
30
|
+
- 1
|
31
|
+
- 1
|
32
|
+
version: "1.1"
|
33
|
+
type: :runtime
|
34
|
+
version_requirements: *id001
|
35
|
+
- !ruby/object:Gem::Dependency
|
36
|
+
name: wrongdoc
|
37
|
+
prerelease: false
|
38
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
40
|
+
requirements:
|
41
|
+
- - ~>
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
hash: 5
|
44
|
+
segments:
|
45
|
+
- 1
|
46
|
+
- 5
|
47
|
+
version: "1.5"
|
48
|
+
type: :development
|
49
|
+
version_requirements: *id002
|
50
|
+
- !ruby/object:Gem::Dependency
|
51
|
+
name: rpatricia
|
52
|
+
prerelease: false
|
53
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
54
|
+
none: false
|
55
|
+
requirements:
|
56
|
+
- - ~>
|
57
|
+
- !ruby/object:Gem::Version
|
58
|
+
hash: 5
|
59
|
+
segments:
|
60
|
+
- 0
|
61
|
+
- 7
|
62
|
+
version: "0.07"
|
63
|
+
type: :development
|
64
|
+
version_requirements: *id003
|
65
|
+
description: |-
|
66
|
+
Removes X-Forwarded-For in the Rack environment and replaces REMOTE_ADDR
|
67
|
+
with the correct value (assuming REMOTE_ADDR and the X-Forwarded-For
|
68
|
+
chain is provided).
|
69
|
+
email: unxf@librelist.org
|
70
|
+
executables: []
|
71
|
+
|
72
|
+
extensions: []
|
73
|
+
|
74
|
+
extra_rdoc_files:
|
75
|
+
- README
|
76
|
+
- NEWS
|
77
|
+
- ChangeLog
|
78
|
+
- LATEST
|
79
|
+
- lib/unxf.rb
|
80
|
+
- LICENSE
|
81
|
+
files:
|
82
|
+
- .document
|
83
|
+
- .gitignore
|
84
|
+
- .manifest
|
85
|
+
- .wrongdoc.yml
|
86
|
+
- COPYING
|
87
|
+
- ChangeLog
|
88
|
+
- GIT-VERSION-FILE
|
89
|
+
- GIT-VERSION-GEN
|
90
|
+
- GNUmakefile
|
91
|
+
- LATEST
|
92
|
+
- LICENSE
|
93
|
+
- NEWS
|
94
|
+
- README
|
95
|
+
- lib/unxf.rb
|
96
|
+
- pkg.mk
|
97
|
+
- setup.rb
|
98
|
+
- test/test_unxf.rb
|
99
|
+
- unxf.gemspec
|
100
|
+
homepage: http://bogomips.org/unxf/
|
101
|
+
licenses: []
|
102
|
+
|
103
|
+
post_install_message:
|
104
|
+
rdoc_options:
|
105
|
+
- -t
|
106
|
+
- UnXF - Un-X-Forward* the Rack environment
|
107
|
+
- -W
|
108
|
+
- http://bogomips.org/unxf.git/tree/%s
|
109
|
+
require_paths:
|
110
|
+
- lib
|
111
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
112
|
+
none: false
|
113
|
+
requirements:
|
114
|
+
- - ">="
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
hash: 3
|
117
|
+
segments:
|
118
|
+
- 0
|
119
|
+
version: "0"
|
120
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
121
|
+
none: false
|
122
|
+
requirements:
|
123
|
+
- - ">="
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
hash: 3
|
126
|
+
segments:
|
127
|
+
- 0
|
128
|
+
version: "0"
|
129
|
+
requirements: []
|
130
|
+
|
131
|
+
rubyforge_project: rainbows
|
132
|
+
rubygems_version: 1.8.2
|
133
|
+
signing_key:
|
134
|
+
specification_version: 3
|
135
|
+
summary: Un-X-Forward* the Rack environment
|
136
|
+
test_files:
|
137
|
+
- test/test_unxf.rb
|