Class: Rack::Attack
- Inherits:
-
Object
show all
- Extended by:
- Forwardable
- Defined in:
- lib/rack/attack/cache.rb,
lib/rack/attack/check.rb,
lib/rack/attack/track.rb,
lib/rack/attack/request.rb,
lib/rack/attack/version.rb,
lib/rack/attack/fail2ban.rb,
lib/rack/attack/safelist.rb,
lib/rack/attack/throttle.rb,
lib/rack/attack/allow2ban.rb,
lib/rack/attack/blocklist.rb,
lib/rack/attack/store_proxy.rb,
lib/rack/attack/path_normalizer.rb,
lib/rack/attack/store_proxy/dalli_proxy.rb,
lib/rack/attack/store_proxy/redis_proxy.rb,
lib/rack/attack/store_proxy/mem_cache_proxy.rb,
lib/rack/attack/store_proxy/redis_store_proxy.rb,
lib/rack/attack/store_proxy/mem_cache_store_proxy.rb,
lib/rack/attack/store_proxy/redis_cache_store_proxy.rb,
lib/rack/attack.rb
Defined Under Namespace
Modules: FallbackPathNormalizer, StoreProxy
Classes: Allow2Ban, Blocklist, Cache, Check, Fail2Ban, MisconfiguredStoreError, MissingStoreError, Request, Safelist, Throttle, Track
Constant Summary
collapse
- VERSION =
'5.4.1'
- PathNormalizer =
if defined?(::ActionDispatch::Journey::Router::Utils)
::ActionDispatch::Journey::Router::Utils
else
FallbackPathNormalizer
end
Class Attribute Summary collapse
Class Method Summary
collapse
Instance Method Summary
collapse
Constructor Details
#initialize(app) ⇒ Attack
Returns a new instance of Attack.
166
167
168
|
# File 'lib/rack/attack.rb', line 166
def initialize(app)
@app = app
end
|
Class Attribute Details
.blocklisted_response ⇒ Object
Returns the value of attribute blocklisted_response.
28
29
30
|
# File 'lib/rack/attack.rb', line 28
def blocklisted_response
@blocklisted_response
end
|
.notifier ⇒ Object
Returns the value of attribute notifier.
28
29
30
|
# File 'lib/rack/attack.rb', line 28
def notifier
@notifier
end
|
.throttled_response ⇒ Object
Returns the value of attribute throttled_response.
28
29
30
|
# File 'lib/rack/attack.rb', line 28
def throttled_response
@throttled_response
end
|
Class Method Details
.blacklist(name, &block) ⇒ Object
55
56
57
58
|
# File 'lib/rack/attack.rb', line 55
def blacklist(name, &block)
warn "[DEPRECATION] 'Rack::Attack.blacklist' is deprecated. Please use 'blocklist' instead."
blocklist(name, &block)
end
|
.blacklisted?(request) ⇒ Boolean
101
102
103
104
|
# File 'lib/rack/attack.rb', line 101
def blacklisted?(request)
warn "[DEPRECATION] 'Rack::Attack.blacklisted?' is deprecated. Please use 'blocklisted?' instead."
blocklisted?(request)
end
|
.blacklisted_response ⇒ Object
142
143
144
145
|
# File 'lib/rack/attack.rb', line 142
def blacklisted_response
warn "[DEPRECATION] 'Rack::Attack.blacklisted_response' is deprecated. Please use 'blocklisted_response' instead."
blocklisted_response
end
|
.blacklisted_response=(res) ⇒ Object
137
138
139
140
|
# File 'lib/rack/attack.rb', line 137
def blacklisted_response=(res)
warn "[DEPRECATION] 'Rack::Attack.blacklisted_response=' is deprecated. Please use 'blocklisted_response=' instead."
self.blocklisted_response = res
end
|
.blacklists ⇒ Object
81
82
83
84
|
# File 'lib/rack/attack.rb', line 81
def blacklists
warn "[DEPRECATION] 'Rack::Attack.blacklists' is deprecated. Please use 'blocklists' instead."
blocklists
end
|
.blocklist(name, &block) ⇒ Object
39
40
41
|
# File 'lib/rack/attack.rb', line 39
def blocklist(name, &block)
self.blocklists[name] = Blocklist.new(name, block)
end
|
.blocklist_ip(ip_address) ⇒ Object
43
44
45
46
47
|
# File 'lib/rack/attack.rb', line 43
def blocklist_ip(ip_address)
@ip_blocklists ||= []
ip_blocklist_proc = lambda { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
@ip_blocklists << Blocklist.new(nil, ip_blocklist_proc)
end
|
.blocklisted?(request) ⇒ Boolean
96
97
98
99
|
# File 'lib/rack/attack.rb', line 96
def blocklisted?(request)
ip_blocklists.any? { |blocklist| blocklist.matched_by?(request) } ||
blocklists.any? { |_name, blocklist| blocklist.matched_by?(request) }
end
|
.blocklists ⇒ Object
70
|
# File 'lib/rack/attack.rb', line 70
def blocklists; @blocklists ||= {}; end
|
.cache ⇒ Object
122
123
124
|
# File 'lib/rack/attack.rb', line 122
def cache
@cache ||= Cache.new
end
|
.clear! ⇒ Object
132
133
134
135
|
# File 'lib/rack/attack.rb', line 132
def clear!
warn "[DEPRECATION] Rack::Attack.clear! is deprecated. Please use Rack::Attack.clear_configuration instead"
clear_configuration
end
|
.clear_configuration ⇒ Object
126
127
128
129
130
|
# File 'lib/rack/attack.rb', line 126
def clear_configuration
@safelists, @blocklists, @throttles, @tracks = {}, {}, {}, {}
@ip_blocklists = []
@ip_safelists = []
end
|
.instrument(request) ⇒ Object
118
119
120
|
# File 'lib/rack/attack.rb', line 118
def instrument(request)
notifier.instrument('rack.attack', request) if notifier
end
|
.safelist(name, &block) ⇒ Object
30
31
32
|
# File 'lib/rack/attack.rb', line 30
def safelist(name, &block)
self.safelists[name] = Safelist.new(name, block)
end
|
.safelist_ip(ip_address) ⇒ Object
49
50
51
52
53
|
# File 'lib/rack/attack.rb', line 49
def safelist_ip(ip_address)
@ip_safelists ||= []
ip_safelist_proc = lambda { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
@ip_safelists << Safelist.new(nil, ip_safelist_proc)
end
|
.safelisted?(request) ⇒ Boolean
86
87
88
89
|
# File 'lib/rack/attack.rb', line 86
def safelisted?(request)
ip_safelists.any? { |safelist| safelist.matched_by?(request) } ||
safelists.any? { |_name, safelist| safelist.matched_by?(request) }
end
|
.safelists ⇒ Object
68
|
# File 'lib/rack/attack.rb', line 68
def safelists; @safelists ||= {}; end
|
.throttle(name, options, &block) ⇒ Object
60
61
62
|
# File 'lib/rack/attack.rb', line 60
def throttle(name, options, &block)
self.throttles[name] = Throttle.new(name, options, block)
end
|
.throttled?(request) ⇒ Boolean
106
107
108
109
110
|
# File 'lib/rack/attack.rb', line 106
def throttled?(request)
throttles.any? do |_name, throttle|
throttle.matched_by?(request)
end
end
|
.throttles ⇒ Object
72
|
# File 'lib/rack/attack.rb', line 72
def throttles; @throttles ||= {}; end
|
.track(name, options = {}, &block) ⇒ Object
64
65
66
|
# File 'lib/rack/attack.rb', line 64
def track(name, options = {}, &block)
self.tracks[name] = Track.new(name, options, block)
end
|
.tracked?(request) ⇒ Boolean
112
113
114
115
116
|
# File 'lib/rack/attack.rb', line 112
def tracked?(request)
tracks.each_value do |track|
track.matched_by?(request)
end
end
|
.tracks ⇒ Object
74
|
# File 'lib/rack/attack.rb', line 74
def tracks; @tracks ||= {}; end
|
.whitelist(name, &block) ⇒ Object
34
35
36
37
|
# File 'lib/rack/attack.rb', line 34
def whitelist(name, &block)
warn "[DEPRECATION] 'Rack::Attack.whitelist' is deprecated. Please use 'safelist' instead."
safelist(name, &block)
end
|
.whitelisted?(request) ⇒ Boolean
91
92
93
94
|
# File 'lib/rack/attack.rb', line 91
def whitelisted?(request)
warn "[DEPRECATION] 'Rack::Attack.whitelisted?' is deprecated. Please use 'safelisted?' instead."
safelisted?(request)
end
|
.whitelists ⇒ Object
76
77
78
79
|
# File 'lib/rack/attack.rb', line 76
def whitelists
warn "[DEPRECATION] 'Rack::Attack.whitelists' is deprecated. Please use 'safelists' instead."
safelists
end
|
Instance Method Details
#call(env) ⇒ Object
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
# File 'lib/rack/attack.rb', line 170
def call(env)
env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
request = Rack::Attack::Request.new(env)
if safelisted?(request)
@app.call(env)
elsif blocklisted?(request)
self.class.blocklisted_response.call(env)
elsif throttled?(request)
self.class.throttled_response.call(env)
else
tracked?(request)
@app.call(env)
end
end
|