Merge pull request #42 from carpodaster/feature/return-403-forbidden-by-default

Return 403 forbidden by default
Aaron Suggs 2014-02-06 18:51:29 -05:00
commit 48adeda2f6
5 changed files with 10 additions and 9 deletions


@ -198,7 +198,7 @@ Customize the response of blacklisted and throttled requests using an object tha
```ruby
Rack::Attack.blacklisted_response = lambda do |env|
# Using 503 because it may make attacker think that they have successfully
# DOSed the site. Rack::Attack returns 401 for blacklists by default
# DOSed the site. Rack::Attack returns 403 for blacklists by default
[ 503, {}, ['Blocked']]
end


@ -40,7 +40,7 @@ module Rack::Attack
# Set defaults
@notifier ||= ActiveSupport::Notifications if defined?(ActiveSupport::Notifications)
@blacklisted_response ||= lambda {|env| [401, {}, ["Unauthorized\n"]] }
@blacklisted_response ||= lambda {|env| [403, {}, ["Forbidden\n"]] }
@throttled_response ||= lambda {|env|
retry_after = env['rack.attack.match_data'][:period] rescue nil
[429, {'Retry-After' => retry_after.to_s}, ["Retry later\n"]]
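Review bot: The new default `@blacklisted_response` returns a body with an empty header hash, so the 403 goes out without a `Content-Type`; Rack::Lint rejects a bodied response that lacks one, and a browser will content-sniff an untyped body. Declaring it explicitly, `@blacklisted_response ||= lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbidden\n"]] }`, also marks the unused block parameter as `_env`. The `@throttled_response` default directly below has the same gap, so the two defaults could be brought in line together. The enclosing method starts and ends outside the hunk.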


@ -83,7 +83,7 @@ describe 'Rack::Attack.Allow2Ban' do
end
it 'fails' do
last_response.status.must_equal 401
last_response.status.must_equal 403
end
it 'does not increase fail count' do
@ -103,7 +103,7 @@ describe 'Rack::Attack.Allow2Ban' do
end
it 'fails' do
last_response.status.must_equal 401
last_response.status.must_equal 403
end
it 'does not increase fail count' do


@ -24,7 +24,7 @@ describe 'Rack::Attack.Fail2Ban' do
describe 'when not at maxretry' do
before { get '/?foo=OMGHAX', {}, 'REMOTE_ADDR' => '1.2.3.4' }
it 'fails' do
last_response.status.must_equal 401
last_response.status.must_equal 403
end
it 'increases fail count' do
@ -46,7 +46,7 @@ describe 'Rack::Attack.Fail2Ban' do
end
it 'fails' do
last_response.status.must_equal 401
last_response.status.must_equal 403
end
it 'increases fail count' do
@ -83,7 +83,7 @@ describe 'Rack::Attack.Fail2Ban' do
end
it 'fails' do
last_response.status.must_equal 401
last_response.status.must_equal 403
end
it 'does not increase fail count' do
@ -103,7 +103,7 @@ describe 'Rack::Attack.Fail2Ban' do
end
it 'fails' do
last_response.status.must_equal 401
last_response.status.must_equal 403
end
it 'does not increase fail count' do


@ -15,7 +15,8 @@ describe 'Rack::Attack' do
before { get '/', {}, 'REMOTE_ADDR' => @bad_ip }
it "should return a blacklist response" do
get '/', {}, 'REMOTE_ADDR' => @bad_ip
last_response.status.must_equal 401
last_response.status.must_equal 403
last_response.body.must_equal "Forbidden\n"
end
it "should tag the env" do
last_request.env['rack.attack.matched'].must_equal "ip #{@bad_ip}"