Class: Rack::ExclusiveVerbs
- Inherits:
-
Object
- Object
- Rack::ExclusiveVerbs
- Defined in:
- lib/rack/exclusive_verbs.rb
Overview
Rack middleware implementing an IP whitelist of HTTP verbs
Usage:
use Rack::ExclusiveVerbs do
resolver { Socket.ip_address_list.select { |addr| addr.ipv4_private? }.collect(&:ip_address) }
allow only: '10.0.0.1', to: [:put, :post]
allow only: '10.0.0.1', to: :post
allow only: '10.0.0.1', to: :be_safe ## get, head, options, trace
allow only: '10.0.0.1', to: :be_unsafe ## delete, patch, post, put
allow range: '10.0.0.0/24', to: [:put, :post]
allow range: '10.0.0.0/24', to: :post
allow range: '10.0.0.0/24', to: :be_safe ## get, head, options, trace
allow range: '10.0.0.0/24', to: :be_unsafe ## delete, patch, post, put
end
Class Method Summary collapse
Instance Method Summary collapse
- #call(env) ⇒ Object
-
#initialize(app, &block) ⇒ ExclusiveVerbs
constructor
A new instance of ExclusiveVerbs.
Constructor Details
#initialize(app, &block) ⇒ ExclusiveVerbs
Returns a new instance of ExclusiveVerbs.
21 22 23 24 25 26 |
# File 'lib/rack/exclusive_verbs.rb', line 21 def initialize(app, &block) @app = app @rules = {} @resolve = Proc.new { |request| [IPAddr.new(request.ip)] } instance_eval(&block) end |
Class Method Details
.VERSION ⇒ Object
97 |
# File 'lib/rack/exclusive_verbs.rb', line 97 def VERSION; "1.0.0"; end |
Instance Method Details
#call(env) ⇒ Object
28 29 30 31 32 33 34 |
# File 'lib/rack/exclusive_verbs.rb', line 28 def call(env) if is_allowed?(env) @app.call(env) else [403, {"Content-Type" => "text/plain"}, ["403 Forbidden"]] end end |