sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-04-27 15:07:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Return 403 Forbidden instead of 401

Browse source 
401 Unauthorized suggests that the requests can be
retried with appropriate credentials. 403 explicitly
states that the request should not be repeated.

See #41
This commit is contained in:
Carsten Zimmermann 2014-02-06 21:32:51 +01:00
parent d79fda80d6
commit 97a43f7e66
4 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/rack/attack.rb
View file

@ -40,7 +40,7 @@ module Rack::Attack
# Set defaults # Set defaults
@notifier ||= ActiveSupport::Notifications if defined?(ActiveSupport::Notifications) @notifier ||= ActiveSupport::Notifications if defined?(ActiveSupport::Notifications)
@blacklisted_response ||= lambda {|env| [401, {}, ["Unauthorized\n"]] } @blacklisted_response ||= lambda {|env| [403, {}, ["Unauthorized\n"]] }
@throttled_response ||= lambda {|env| @throttled_response ||= lambda {|env|
retry_after = env['rack.attack.match_data'][:period] rescue nil retry_after = env['rack.attack.match_data'][:period] rescue nil
[429, {'Retry-After' => retry_after.to_s}, ["Retry later\n"]] [429, {'Retry-After' => retry_after.to_s}, ["Retry later\n"]]

4
spec/allow2ban_spec.rb
View file

@ -83,7 +83,7 @@ describe 'Rack::Attack.Allow2Ban' do
end end
it 'fails' do it 'fails' do
last_response.status.must_equal 401 last_response.status.must_equal 403
end end
it 'does not increase fail count' do it 'does not increase fail count' do
@ -103,7 +103,7 @@ describe 'Rack::Attack.Allow2Ban' do
end end
it 'fails' do it 'fails' do
last_response.status.must_equal 401 last_response.status.must_equal 403
end end
it 'does not increase fail count' do it 'does not increase fail count' do

8
spec/fail2ban_spec.rb
View file

@ -24,7 +24,7 @@ describe 'Rack::Attack.Fail2Ban' do
describe 'when not at maxretry' do describe 'when not at maxretry' do
before { get '/?foo=OMGHAX', {}, 'REMOTE_ADDR' => '1.2.3.4' } before { get '/?foo=OMGHAX', {}, 'REMOTE_ADDR' => '1.2.3.4' }
it 'fails' do it 'fails' do
last_response.status.must_equal 401 last_response.status.must_equal 403
end end
it 'increases fail count' do it 'increases fail count' do
@ -46,7 +46,7 @@ describe 'Rack::Attack.Fail2Ban' do
end end
it 'fails' do it 'fails' do
last_response.status.must_equal 401 last_response.status.must_equal 403
end end
it 'increases fail count' do it 'increases fail count' do
@ -83,7 +83,7 @@ describe 'Rack::Attack.Fail2Ban' do
end end
it 'fails' do it 'fails' do
last_response.status.must_equal 401 last_response.status.must_equal 403
end end
it 'does not increase fail count' do it 'does not increase fail count' do
@ -103,7 +103,7 @@ describe 'Rack::Attack.Fail2Ban' do
end end
it 'fails' do it 'fails' do
last_response.status.must_equal 401 last_response.status.must_equal 403
end end
it 'does not increase fail count' do it 'does not increase fail count' do

2
spec/rack_attack_spec.rb
View file

@ -15,7 +15,7 @@ describe 'Rack::Attack' do
before { get '/', {}, 'REMOTE_ADDR' => @bad_ip } before { get '/', {}, 'REMOTE_ADDR' => @bad_ip }
it "should return a blacklist response" do it "should return a blacklist response" do
get '/', {}, 'REMOTE_ADDR' => @bad_ip get '/', {}, 'REMOTE_ADDR' => @bad_ip
last_response.status.must_equal 401 last_response.status.must_equal 403
end end
it "should tag the env" do it "should tag the env" do
last_request.env['rack.attack.matched'].must_equal "ip #{@bad_ip}" last_request.env['rack.attack.matched'].must_equal "ip #{@bad_ip}"