sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-04-27 15:07:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #457 from kickstarter/fix_load

Browse source 
fix: avoid unintended effects on load_config_initializers and other gems load order
This commit is contained in:
Gonzalo Rodriguez 2019-10-30 15:13:05 -03:00 committed by GitHub
commit a103ff4819
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 6 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
lib/rack/attack.rb
View file

@ -96,8 +96,9 @@ module Rack
end end
def call(env) def call(env)
return @app.call(env) unless self.class.enabled return @app.call(env) if !self.class.enabled || env["rack.attack.called"]
env["rack.attack.called"] = true
env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO']) env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
request = Rack::Attack::Request.new(env) request = Rack::Attack::Request.new(env)

12
lib/rack/attack/railtie.rb
View file

@ -3,17 +3,9 @@
module Rack module Rack
class Attack class Attack
class Railtie < ::Rails::Railtie class Railtie < ::Rails::Railtie
initializer 'rack.attack.middleware', after: :load_config_initializers, before: :build_middleware_stack do |app| initializer "rack-attack.middleware" do |app|
if Gem::Version.new(::Rails::VERSION::STRING) >= Gem::Version.new("5.1") if Gem::Version.new(::Rails::VERSION::STRING) >= Gem::Version.new("5.1")
middlewares = app.config.middleware app.middleware.use(Rack::Attack)
operations = middlewares.send(:operations) + middlewares.send(:delete_operations)
use_middleware = operations.none? do |operation|
middleware = operation[1]
middleware.include?(Rack::Attack)
end
middlewares.use(Rack::Attack) if use_middleware
end end
end end
end end

6
spec/acceptance/rails_middleware_spec.rb
View file

@ -18,12 +18,6 @@ if defined?(Rails)
assert_equal 1, @app.middleware.count(Rack::Attack) assert_equal 1, @app.middleware.count(Rack::Attack)
end end
it "is not added when it was added explicitly" do
@app.config.middleware.use(Rack::Attack)
@app.initialize!
assert_equal 1, @app.middleware.count(Rack::Attack)
end
it "is not added when it was explicitly deleted" do it "is not added when it was explicitly deleted" do
@app.config.middleware.delete(Rack::Attack) @app.config.middleware.delete(Rack::Attack)
@app.initialize! @app.initialize!

2
spec/spec_helper.rb
View file

@ -41,6 +41,8 @@ class MiniTest::Spec
Rack::Builder.new do Rack::Builder.new do
# Use Rack::Lint to test that rack-attack is complying with the rack spec # Use Rack::Lint to test that rack-attack is complying with the rack spec
use Rack::Lint use Rack::Lint
# Intentionally added twice to test idempotence property
use Rack::Attack
use Rack::Attack use Rack::Attack
use Rack::Lint use Rack::Lint