diff --git a/README.md b/README.md
index 71163b3..787cefd 100644
--- a/README.md
+++ b/README.md
@@ -100,7 +100,7 @@ how the parameters work.
 # this causes `blacklist` to block the request
 Rack::Attack::Fail2Ban.filter(req.ip, :maxretry => 3, :findtime => 10.minutes, :bantime => 5.minutes) do
 # if block is truthy, the count for the IP is incremented
- CGI.unescape(req.query_string) =~ %r{/etc/passwd}
+ CGI.unescape(req.query_string) =~ %r{/etc/passwd}
 end
 end
diff --git a/lib/rack/attack/cache.rb b/lib/rack/attack/cache.rb
index 6b29ebb..9c54505 100644
--- a/lib/rack/attack/cache.rb
+++ b/lib/rack/attack/cache.rb
@@ -24,7 +24,7 @@ module Rack
 def read(unprefixed_key)
 store.read("#{prefix}:#{unprefixed_key}")
 end
-
+
 def write(unprefixed_key, value, expires_in)
 store.write("#{prefix}:#{unprefixed_key}", value, :expires_in => expires_in)
 end
diff --git a/lib/rack/attack/store_proxy.rb b/lib/rack/attack/store_proxy.rb
index 0aa9e62..0c65aee 100644
--- a/lib/rack/attack/store_proxy.rb
+++ b/lib/rack/attack/store_proxy.rb
@@ -38,7 +38,7 @@ module Rack
 def increment(key, amount, options={})
 count = nil
- self.pipelined do
+ self.pipelined do
 count = self.incrby(key, amount)
 self.expire(key, options[:expires_in]) if options[:expires_in]
 end
diff --git a/spec/fail2ban_spec.rb b/spec/fail2ban_spec.rb
index e19ddee..44b5ef5 100644
--- a/spec/fail2ban_spec.rb
+++ b/spec/fail2ban_spec.rb
@@ -7,11 +7,11 @@ describe 'Rack::Attack.Fail2Ban' do
 @bantime = 60
 Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new
 @f2b_options = {:bantime => @bantime, :findtime => @findtime, :maxretry => 2}
- Rack::Attack.blacklist('pentest') do |req|
+ Rack::Attack.blacklist('pentest') do |req|
 Rack::Attack::Fail2Ban.filter(req.ip, @f2b_options){req.query_string =~ /OMGHAX/}
 end
 end
-
+
 describe 'discriminator has not been banned' do
 describe 'making ok request' do
 it 'succeeds' do
@@ -26,18 +26,18 @@ describe 'Rack::Attack.Fail2Ban' do
 it 'fails' do
 last_response.status.must_equal 503
 end
-
+
 it 'increases fail count' do
 key = "rack::attack:#{Time.now.to_i/@findtime}:fail2ban:count:1.2.3.4"
 @cache.store.read(key).must_equal 1
 end
-
+
 it 'is not banned' do
 key = "rack::attack:fail2ban:1.2.3.4"
 @cache.store.read(key).must_be_nil
 end
 end
-
+
 describe 'when at maxretry' do
 before do
 # maxretry is 2 - so hit with an extra failed request first
@@ -96,7 +96,7 @@ describe 'Rack::Attack.Fail2Ban' do
 @cache.store.read(key).must_equal 1
 end
 end
-
+
 describe 'making failing request' do
 before do
 get '/?foo=OMGHAX', {}, 'REMOTE_ADDR' => '1.2.3.4'
@@ -116,6 +116,6 @@ describe 'Rack::Attack.Fail2Ban' do
 @cache.store.read(key).must_equal 1
 end
 end
-
+
 end
 end
diff --git a/spec/rack_attack_cache_spec.rb b/spec/rack_attack_cache_spec.rb
index a3998ab..3f7fac9 100644
--- a/spec/rack_attack_cache_spec.rb
+++ b/spec/rack_attack_cache_spec.rb
@@ -52,14 +52,14 @@ if ENV['TEST_INTEGRATION']
 @cache.send(:do_count, @key, @expires_in).must_equal 1
 end
 end
-
+
 describe "write" do
 it "should write a value to the store with prefix" do
 @cache.write("cache-test-key", "foobar", 1)
 store.read(@key).must_equal "foobar"
 end
 end
-
+
 describe "write after expiry" do
 it "must not have a value" do
 @cache.write("cache-test-key", "foobar", @expires_in)
@@ -67,7 +67,7 @@ if ENV['TEST_INTEGRATION']
 store.read(@key).must_be :nil?
 end
 end
-
+
 describe "read" do
 it "must read the value with a prefix" do
 store.write(@key, "foobar", :expires_in => @expires_in)