Class: AntiOffensiveString
- Inherits:
-
Object
- Object
- AntiOffensiveString
- Defined in:
- lib/anti_offensive_string.rb,
lib/anti_offensive_string/version.rb
Defined Under Namespace
Classes: InsecureRequest
Constant Summary collapse
- TARGET_REGEXPS =
[ /\u0647\u0020\u0488\u0488\u0488|%D9%87[ +]%D2%88%D2%88%D2%88/ ].freeze
- DEFAULT_HANDLER =
proc { [400, {'Content-Type' => 'text/plain'}, ['400 Bad Request']] }
- VERSION =
"0.0.1"
Class Method Summary collapse
- .handler ⇒ Object
- .handler=(proc_or_obj) ⇒ Object (also: error_response=)
- .on_offensive_request(&block) ⇒ Object
Instance Method Summary collapse
- #call(env) ⇒ Object
-
#initialize(app) ⇒ AntiOffensiveString
constructor
A new instance of AntiOffensiveString.
Constructor Details
#initialize(app) ⇒ AntiOffensiveString
Returns a new instance of AntiOffensiveString.
35 36 37 |
# File 'lib/anti_offensive_string.rb', line 35 def initialize(app) @app = app end |
Class Method Details
.handler ⇒ Object
30 31 32 |
# File 'lib/anti_offensive_string.rb', line 30 def handler @handler ||= DEFAULT_HANDLER end |
.handler=(proc_or_obj) ⇒ Object Also known as: error_response=
20 21 22 23 24 25 26 |
# File 'lib/anti_offensive_string.rb', line 20 def handler=(proc_or_obj) @handler = if proc_or_obj.kind_of?(Proc) proc_or_obj else proc { proc_or_obj } end end |
.on_offensive_request(&block) ⇒ Object
16 17 18 |
# File 'lib/anti_offensive_string.rb', line 16 def on_offensive_request(&block) @handler = block end |
Instance Method Details
#call(env) ⇒ Object
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'lib/anti_offensive_string.rb', line 39 def call(env) input = env['rack.input'].read if TARGET_REGEXPS.any? { |r| r === input } raise InsecureRequest end env.each do |k, v| if v.kind_of?(String) && TARGET_REGEXPS.any? { |r| r === v } raise InsecureRequest end end begin env['rack.input'].rewind rescue Errno::ESPIPE env['rack.input'] = StringIO.new(inpuit, "r") end @app.call(env) rescue InsecureRequest return self.class.handler.call(env) end |