Class: Rack::Attack
- Inherits:
-
Object
show all
- Extended by:
- Forwardable
- Defined in:
- lib/rack/attack/cache.rb,
lib/rack/attack/check.rb,
lib/rack/attack/track.rb,
lib/rack/attack/request.rb,
lib/rack/attack/version.rb,
lib/rack/attack/fail2ban.rb,
lib/rack/attack/safelist.rb,
lib/rack/attack/throttle.rb,
lib/rack/attack/allow2ban.rb,
lib/rack/attack/blocklist.rb,
lib/rack/attack/store_proxy.rb,
lib/rack/attack/path_normalizer.rb,
lib/rack/attack/store_proxy/dalli_proxy.rb,
lib/rack/attack/store_proxy/redis_proxy.rb,
lib/rack/attack/store_proxy/mem_cache_proxy.rb,
lib/rack/attack/store_proxy/redis_store_proxy.rb,
lib/rack/attack/store_proxy/redis_cache_store_proxy.rb,
lib/rack/attack.rb
Defined Under Namespace
Modules: FallbackPathNormalizer, StoreProxy
Classes: Allow2Ban, Blocklist, Cache, Check, Fail2Ban, MisconfiguredStoreError, MissingStoreError, Request, Safelist, Throttle, Track
Constant Summary
collapse
- VERSION =
'5.4.0'
- PathNormalizer =
if defined?(::ActionDispatch::Journey::Router::Utils)
::ActionDispatch::Journey::Router::Utils
else
FallbackPathNormalizer
end
Class Attribute Summary collapse
Class Method Summary
collapse
Instance Method Summary
collapse
Constructor Details
#initialize(app) ⇒ Attack
Returns a new instance of Attack.
165
166
167
|
# File 'lib/rack/attack.rb', line 165
def initialize(app)
@app = app
end
|
Class Attribute Details
.blocklisted_response ⇒ Object
Returns the value of attribute blocklisted_response.
27
28
29
|
# File 'lib/rack/attack.rb', line 27
def blocklisted_response
@blocklisted_response
end
|
.notifier ⇒ Object
Returns the value of attribute notifier.
27
28
29
|
# File 'lib/rack/attack.rb', line 27
def notifier
@notifier
end
|
.throttled_response ⇒ Object
Returns the value of attribute throttled_response.
27
28
29
|
# File 'lib/rack/attack.rb', line 27
def throttled_response
@throttled_response
end
|
Class Method Details
.blacklist(name, &block) ⇒ Object
54
55
56
57
|
# File 'lib/rack/attack.rb', line 54
def blacklist(name, &block)
warn "[DEPRECATION] 'Rack::Attack.blacklist' is deprecated. Please use 'blocklist' instead."
blocklist(name, &block)
end
|
.blacklisted?(request) ⇒ Boolean
100
101
102
103
|
# File 'lib/rack/attack.rb', line 100
def blacklisted?(request)
warn "[DEPRECATION] 'Rack::Attack.blacklisted?' is deprecated. Please use 'blocklisted?' instead."
blocklisted?(request)
end
|
.blacklisted_response ⇒ Object
141
142
143
144
|
# File 'lib/rack/attack.rb', line 141
def blacklisted_response
warn "[DEPRECATION] 'Rack::Attack.blacklisted_response' is deprecated. Please use 'blocklisted_response' instead."
blocklisted_response
end
|
.blacklisted_response=(res) ⇒ Object
136
137
138
139
|
# File 'lib/rack/attack.rb', line 136
def blacklisted_response=(res)
warn "[DEPRECATION] 'Rack::Attack.blacklisted_response=' is deprecated. Please use 'blocklisted_response=' instead."
self.blocklisted_response = res
end
|
.blacklists ⇒ Object
80
81
82
83
|
# File 'lib/rack/attack.rb', line 80
def blacklists
warn "[DEPRECATION] 'Rack::Attack.blacklists' is deprecated. Please use 'blocklists' instead."
blocklists
end
|
.blocklist(name, &block) ⇒ Object
38
39
40
|
# File 'lib/rack/attack.rb', line 38
def blocklist(name, &block)
self.blocklists[name] = Blocklist.new(name, block)
end
|
.blocklist_ip(ip_address) ⇒ Object
42
43
44
45
46
|
# File 'lib/rack/attack.rb', line 42
def blocklist_ip(ip_address)
@ip_blocklists ||= []
ip_blocklist_proc = lambda { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
@ip_blocklists << Blocklist.new(nil, ip_blocklist_proc)
end
|
.blocklisted?(request) ⇒ Boolean
95
96
97
98
|
# File 'lib/rack/attack.rb', line 95
def blocklisted?(request)
ip_blocklists.any? { |blocklist| blocklist.matched_by?(request) } ||
blocklists.any? { |_name, blocklist| blocklist.matched_by?(request) }
end
|
.blocklists ⇒ Object
69
|
# File 'lib/rack/attack.rb', line 69
def blocklists; @blocklists ||= {}; end
|
.cache ⇒ Object
121
122
123
|
# File 'lib/rack/attack.rb', line 121
def cache
@cache ||= Cache.new
end
|
.clear! ⇒ Object
131
132
133
134
|
# File 'lib/rack/attack.rb', line 131
def clear!
warn "[DEPRECATION] Rack::Attack.clear! is deprecated. Please use Rack::Attack.clear_configuration instead"
clear_configuration
end
|
.clear_configuration ⇒ Object
125
126
127
128
129
|
# File 'lib/rack/attack.rb', line 125
def clear_configuration
@safelists, @blocklists, @throttles, @tracks = {}, {}, {}, {}
@ip_blocklists = []
@ip_safelists = []
end
|
.instrument(request) ⇒ Object
117
118
119
|
# File 'lib/rack/attack.rb', line 117
def instrument(request)
notifier.instrument('rack.attack', request) if notifier
end
|
.safelist(name, &block) ⇒ Object
29
30
31
|
# File 'lib/rack/attack.rb', line 29
def safelist(name, &block)
self.safelists[name] = Safelist.new(name, block)
end
|
.safelist_ip(ip_address) ⇒ Object
48
49
50
51
52
|
# File 'lib/rack/attack.rb', line 48
def safelist_ip(ip_address)
@ip_safelists ||= []
ip_safelist_proc = lambda { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
@ip_safelists << Safelist.new(nil, ip_safelist_proc)
end
|
.safelisted?(request) ⇒ Boolean
85
86
87
88
|
# File 'lib/rack/attack.rb', line 85
def safelisted?(request)
ip_safelists.any? { |safelist| safelist.matched_by?(request) } ||
safelists.any? { |_name, safelist| safelist.matched_by?(request) }
end
|
.safelists ⇒ Object
67
|
# File 'lib/rack/attack.rb', line 67
def safelists; @safelists ||= {}; end
|
.throttle(name, options, &block) ⇒ Object
59
60
61
|
# File 'lib/rack/attack.rb', line 59
def throttle(name, options, &block)
self.throttles[name] = Throttle.new(name, options, block)
end
|
.throttled?(request) ⇒ Boolean
105
106
107
108
109
|
# File 'lib/rack/attack.rb', line 105
def throttled?(request)
throttles.any? do |_name, throttle|
throttle.matched_by?(request)
end
end
|
.throttles ⇒ Object
71
|
# File 'lib/rack/attack.rb', line 71
def throttles; @throttles ||= {}; end
|
.track(name, options = {}, &block) ⇒ Object
63
64
65
|
# File 'lib/rack/attack.rb', line 63
def track(name, options = {}, &block)
self.tracks[name] = Track.new(name, options, block)
end
|
.tracked?(request) ⇒ Boolean
111
112
113
114
115
|
# File 'lib/rack/attack.rb', line 111
def tracked?(request)
tracks.each_value do |track|
track.matched_by?(request)
end
end
|
.tracks ⇒ Object
73
|
# File 'lib/rack/attack.rb', line 73
def tracks; @tracks ||= {}; end
|
.whitelist(name, &block) ⇒ Object
33
34
35
36
|
# File 'lib/rack/attack.rb', line 33
def whitelist(name, &block)
warn "[DEPRECATION] 'Rack::Attack.whitelist' is deprecated. Please use 'safelist' instead."
safelist(name, &block)
end
|
.whitelisted?(request) ⇒ Boolean
90
91
92
93
|
# File 'lib/rack/attack.rb', line 90
def whitelisted?(request)
warn "[DEPRECATION] 'Rack::Attack.whitelisted?' is deprecated. Please use 'safelisted?' instead."
safelisted?(request)
end
|
.whitelists ⇒ Object
75
76
77
78
|
# File 'lib/rack/attack.rb', line 75
def whitelists
warn "[DEPRECATION] 'Rack::Attack.whitelists' is deprecated. Please use 'safelists' instead."
safelists
end
|
Instance Method Details
#call(env) ⇒ Object
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
|
# File 'lib/rack/attack.rb', line 169
def call(env)
env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
request = Rack::Attack::Request.new(env)
if safelisted?(request)
@app.call(env)
elsif blocklisted?(request)
self.class.blocklisted_response.call(env)
elsif throttled?(request)
self.class.throttled_response.call(env)
else
tracked?(request)
@app.call(env)
end
end
|