sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-04-27 15:07:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: clear custom response when clearing configuration

Browse source
This commit is contained in:
Gonzalo Rodriguez 2019-10-17 14:26:22 -03:00
parent 6731e231cd
commit 55cb6def03
No known key found for this signature in database
GPG key ID: 5DB8B81B049B8AB1
2 changed files with 19 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
lib/rack/attack/configuration.rb
View file

@ -3,6 +3,20 @@
module Rack module Rack
class Attack class Attack
class Configuration class Configuration
DEFAULT_BLOCKLISTED_RESPONSE = lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbidden\n"]] }
DEFAULT_THROTTLED_RESPONSE = lambda do |env|
if Rack::Attack.configuration.throttled_response_retry_after_header
match_data = env['rack.attack.match_data']
now = match_data[:epoch_time]
retry_after = match_data[:period] - (now % match_data[:period])
[429, { 'Content-Type' => 'text/plain', 'Retry-After' => retry_after.to_s }, ["Retry later\n"]]
else
[429, { 'Content-Type' => 'text/plain' }, ["Retry later\n"]]
end
end
attr_reader :safelists, :blocklists, :throttles, :anonymous_blocklists, :anonymous_safelists attr_reader :safelists, :blocklists, :throttles, :anonymous_blocklists, :anonymous_safelists
attr_accessor :blocklisted_response, :throttled_response, :throttled_response_retry_after_header attr_accessor :blocklisted_response, :throttled_response, :throttled_response_retry_after_header
@ -15,17 +29,8 @@ module Rack
@anonymous_safelists = [] @anonymous_safelists = []
@throttled_response_retry_after_header = false @throttled_response_retry_after_header = false
@blocklisted_response = lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbidden\n"]] } @blocklisted_response = DEFAULT_BLOCKLISTED_RESPONSE
@throttled_response = lambda do |env| @throttled_response = DEFAULT_THROTTLED_RESPONSE
if throttled_response_retry_after_header
match_data = env['rack.attack.match_data']
now = match_data[:epoch_time]
retry_after = match_data[:period] - (now % match_data[:period])
[429, { 'Content-Type' => 'text/plain', 'Retry-After' => retry_after.to_s }, ["Retry later\n"]]
else
[429, { 'Content-Type' => 'text/plain' }, ["Retry later\n"]]
end
end
end end
def safelist(name = nil, &block) def safelist(name = nil, &block)
@ -94,6 +99,9 @@ module Rack
@anonymous_blocklists = [] @anonymous_blocklists = []
@anonymous_safelists = [] @anonymous_safelists = []
@throttled_response_retry_after_header = false @throttled_response_retry_after_header = false
@blocklisted_response = DEFAULT_BLOCKLISTED_RESPONSE
@throttled_response = DEFAULT_THROTTLED_RESPONSE
end end
end end
end end

5
spec/spec_helper.rb
View file

@ -30,16 +30,11 @@ class MiniTest::Spec
before do before do
Rails.cache = nil Rails.cache = nil
@_original_throttled_response = Rack::Attack.throttled_response
@_original_blocklisted_response = Rack::Attack.blocklisted_response
end end
after do after do
Rack::Attack.clear_configuration Rack::Attack.clear_configuration
Rack::Attack.instance_variable_set(:@cache, nil) Rack::Attack.instance_variable_set(:@cache, nil)
Rack::Attack.throttled_response = @_original_throttled_response
Rack::Attack.blocklisted_response = @_original_blocklisted_response
end end
def app def app