sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-03-26 09:35:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
218 commits 1 branch 0 tags 1.1 MiB
Commit graph

76 commits

Author SHA1 Message Date
Aaron Suggs
074e8e5aa4 Add 1 second buffer to expiry to correct throttles 
Fixes #69.

There was a race condition when `Time.now.to_i` changes between when
`epoch_time` is computed in line 18, and the cache request is made (and
the `key` is expired).

I.e., a throttle check starts at t0, but doesn’t reach the cache until
t1, the cache will have expired the throttle count. The request will
likely be allowed, even if the request exceeded the limit.

This has the effect of keeping keys in cache about 1 second longer than
strictly necessary. But the extra cache space seems like a good
trade-off for correct throttling.
 2014-09-02 14:30:57 -04:00
Aaron Suggs
7820986d9c Merge pull request #74 from zmillman/readme-request 
Improve documentation of Rack::Attack::Request
 2014-08-01 14:43:53 -04:00
Zach Millman
5c78f84be2 Improve documentation of Rack::Attack::Request 
https://github.com/kickstarter/rack-attack/issues/73
 2014-06-17 11:37:25 -07:00
Aaron Suggs
1a3cddb468 Prep for v4.1.0 2014-05-22 13:59:26 -04:00
Aaron Suggs
105c3ba575 Merge pull request #67 from chiliburger/track_only 
Limit and period options for track
 2014-05-22 13:55:54 -04:00
Paul Coates
e8d98a7ad3 Changed track checker to track filter. Made track filter tests more clear. 2014-05-22 10:11:23 -07:00
Aaron Suggs
6f7bd66dfa Default responses: add Content-Type header 
Fixes #68
 2014-05-21 18:35:28 -04:00
Paul Coates
1ebe1c3517 Added limit and period options to track. Delegates [] to Throttle if they are present otherwise Check. 2014-05-19 11:11:01 -07:00
Aaron Suggs
f9eabed6d4 Rack::Attack.clear! resets tracks 
Fixes flaky tests like
https://travis-ci.org/kickstarter/rack-attack/builds/25438931
 2014-05-18 20:46:11 -04:00
Aaron Suggs
0e599a4dd6 version 4.0.1 2014-05-14 13:37:30 -04:00
blahed
97dce48bfc add throttle discriminator to rack env 2014-05-01 22:20:13 -04:00
Aaron Suggs
430672d8f4 Update changelog for v4.0.0 2014-04-28 15:45:13 -04:00
hakanensari
5d72c6e5f9 Move individual proxy classes to separate files 2014-04-15 16:19:43 +01:00
hakanensari
f0a53f474e Stub #with on delegator 2014-04-09 13:15:00 +01:00
hakanensari
937cd3ca20 Merge branch 'master' into patch-3 2014-04-09 12:17:10 +01:00
hakanensari
1c0bc3da4d Merge branch 'patch-2' into patch-3 
Conflicts:
	lib/rack/attack/store_proxy.rb
 2014-04-09 12:16:16 +01:00
Aaron Suggs
66231dc5b2 v3.1.0 2014-04-04 16:16:31 -04:00
Tristan Dunn
16f1cfc578 Add a custom request class to allow for helper methods. 
Fixes #58.
 2014-04-04 14:41:59 -05:00
Aaron Suggs
ea09a49538 Merge pull request #54 from stevehodgkiss/dont_override_new_and_return_a_class 
Rack::Attack.new should return an instance of a class, not the Rack::Attack constant
 2014-04-03 22:37:05 -04:00
Steve Hodgkiss
93421efa5a Tidy up defaults. We don't need to use ||= because this runs when the class gets loaded, and we won't have user supplied defaults yet. 2014-04-02 17:12:28 +11:00
Steve Hodgkiss
332dd4ff9e Delegate to class methods with forwardable 2014-04-02 17:08:46 +11:00
hakanensari
92be2791ab Handle older Dalli clients 2014-04-01 12:23:10 +01:00
hakanensari
128c5aa9bf Support a Dalli Connection Pool 2014-04-01 12:10:32 +01:00
hakanensari
adab844784 Support older dalli client versions 2014-04-01 11:21:14 +01:00
Steve Hodgkiss
c3a077442a Make Rack::Attack a class and Rack::Attack.new return an instance of that class, rather than Rack::Attack. 2014-03-28 14:53:51 +11:00
hakanensari
a7ec48fb44 Implement Proxy for Dalli 
kickstarter/rack-attack#52
 2014-03-26 21:54:12 +00:00
Aaron Suggs
7c6cead69c Version 3.0.0; update changelog 2014-03-15 08:01:55 -04:00
Will Kimeria
87f628d0c1 If redis client throws exception, don't raise it 
For throttling, when the redis client throws an exception, the request
ends up getting rate limited. Modify this to be similar to how
ActiveSupport.MemCacheStore functions (the read, write and increment
methods do not raise exceptions)
 2014-03-14 11:50:59 -07:00
Carsten Zimmermann
1095f85242 Change response body to 'Forbidden' 2014-02-06 23:29:44 +01:00
Carsten Zimmermann
97a43f7e66 Return 403 Forbidden instead of 401 
401 Unauthorized suggests that the requests can be
retried with appropriate credentials. 403 explicitly
states that the request should not be repeated.

See #41
 2014-02-06 21:32:51 +01:00
Jordan Moncharmont
273e045f10 fix edge case, if maxretry is 1, let them get 1 request in 2013-09-27 17:35:01 -07:00
Jordan Moncharmont
ef59c5182a Allow2Ban 
An alternate to fail2ban that allows clients until they hit the
thresholds, then blocks them.  Think of it like a throttle where you can
block for more than one period.
 2013-09-27 17:18:52 -07:00
Aaron Suggs
1d367f5acd version 2.3.0, update changelog, copy tweaks 2013-08-20 11:39:44 -04:00
Pedro Nascimento
ab6d7b239d Allow limit option to be a proc. 
This allows you to do stuff like:
`req.env["USER"] == "god" ? 1000 : 1`
 2013-08-19 19:47:48 -03:00
Aaron Suggs
98eec24a8c Update changelog, version 2.2.1 2013-08-05 21:14:16 -04:00
Alex Volkovitsky & Sachin Maharjan
cfbee2c552 Use correct HTTP status codes for blackist and throttle 2013-06-28 10:55:28 -07:00
Aaron Suggs
9388e98eb0 version 2.2.0 2013-06-20 11:05:00 -04:00
Aaron Suggs
24143dd195 Cleanup whitespace 2013-06-20 10:19:56 -04:00
madlep
2819e0d7a4 collapse fail2ban name/discriminator into one argument 2013-06-17 08:50:39 +10:00
madlep
94a304b815 reorder logic to not repeatedly extend ban after more failed requests 2013-06-14 12:49:53 +10:00
madlep
3f1c98a868 Fail2Ban helper 
based on gist from @ktheory https://gist.github.com/ktheory/5723534

Modified slightly to use fail2ban `filter` terminology to simplify
Rack::Attack initializer configuration (only one block is requred for
this approach instead of 2)
 2013-06-12 15:51:13 +10:00
madlep
6c259ea9be delegate Redis custom logic to StoreProxy 
this removes ugly `if redis blah` code from cache
 2013-06-12 15:03:39 +10:00
madlep
22fc386bad add read/write methods to cache 2013-06-12 15:03:24 +10:00
Aaron Suggs
d1cf2a2eea bump to version 2.1.1 2013-05-16 14:24:41 -04:00
Han Chang
2a91eb6c55 Fix #14 2013-05-10 22:08:31 +00:00
Aaron Suggs
22f051fa2d Merge pull request #10 from vipulnsward/mandatory_options 
extract mandatory options constant
 2013-05-03 07:41:02 -07:00
Vipul A M
7f3a24022b extract mandatory options constant 2013-05-03 09:25:43 +05:30
Vipul A M
709a2331c0 Remove unused var 2013-05-03 09:19:09 +05:30
Vipul A M
d3a9667474 Fix typos 2013-05-03 00:55:23 +05:30
Aaron Suggs
917d47758e Add newlines to default responses 2013-03-04 21:06:15 -05:00