rack-attack

mirror of https://github.com/samsonjs/rack-attack.git synced 2026-03-25 09:25:49 +00:00

Author	SHA1	Message	Date
Gonzalo Rodriguez	eb07d9789f	Prefer Gem::Version for version comparisons	2018-06-29 15:27:36 -03:00
Gonzalo Rodriguez	85c4c085c9	Remove duplicated #initialize	2018-06-29 15:27:20 -03:00
Gonzalo Rodriguez	d1682b19b4	Merge remote-tracking branch 'rfwatson/master'	2018-06-29 15:24:13 -03:00
Gonzalo Rodriguez	73bc739d5a	Merge remote-tracking branch 'doliveirakn/master'	2018-06-29 11:17:19 -03:00
Gonzalo Rodriguez	19e17562c1	Merge pull request #372 from grzuy/drop_deprecated_methods Remove previously deprecated public methods	2018-06-28 19:12:41 -03:00
Gonzalo Rodriguez	1c1ee918e1	Remove previously deprecated public methods	2018-06-28 17:16:33 -03:00
Gonzalo Rodriguez	8315a1e7e1	Remove support for unmaintained ruby 2.2	2018-06-28 17:08:15 -03:00
Gonzalo Rodriguez	8802ebfbaf	Merge branch '255-correct-object-for-instrumentation'	2018-06-28 16:40:08 -03:00
Gonzalo Rodriguez	21561bb2f5	Bump version to v5.3.2	2018-06-25 19:27:35 -03:00
Gonzalo Rodriguez	ee84079768	Fix 'redis is not part of the bundle' exception when using :memory_store When RedisCacheStore constant is referenced, activesupport autoloads and rails tries to require redis, throwing exception if not present	2018-06-25 17:42:45 -03:00
Gonzalo Rodriguez	08861f8d17	Attempt to improve code legibility/clarity/semantics (#357 ) * attempt to improve semantics for legibility * Attempt to improve legibility by simplifying * Make it more clear that we're calling procs/blocks here * Enable rubocop Style/BlockDelimiters cop * Prefer 'request' over 'req' abbreviation for legibility/clarity * Instances of Track named 'track' not 'tracker'	2018-06-21 14:33:24 -03:00
Gonzalo Rodriguez	d8b88cfb84	Honor amount argument instead of hard coding counter (part 2) See commit `ca2e752937`	2018-06-21 11:25:47 -03:00
Gonzalo Rodriguez	196868130a	Bump version to v5.3.1	2018-06-20 19:49:15 -03:00
Gonzalo Rodriguez	2c1cbc323e	Default increment amount to 1 as RedisCacheStore	2018-06-20 19:14:37 -03:00
Gonzalo Rodriguez	ca2e752937	Honor amount argument instead of hard coding counter	2018-06-20 19:14:02 -03:00
Gonzalo Rodriguez	3af7394b6a	Refactor RedisCacheStoreProxy to unlearn everything about redis client details to make it less prone to bugs in the future Let RedisCacheStoreProxy only know and assume things about RedisCacheStore API. Don't let it know anything about the specific redis client behind the scenes, that's the job of RedisCacheStore only, not ours.	2018-06-20 18:33:00 -03:00
Alexey Vasiliev	3caee5c3ca	Fix usage of RedisCacheStore for rails 5.2.0	2018-06-20 18:06:45 -03:00
Gonzalo Rodriguez	86eb9f9e0a	Enable Style/BracesAroundHashParameters rubocop cop	2018-06-19 17:57:30 -03:00
Gonzalo Rodriguez	e6854bcb02	Enable rubocop Naming cops	2018-06-19 17:57:26 -03:00
Gonzalo Rodriguez	dac926cf68	Bump version to v5.3.0	2018-06-19 15:49:20 -03:00
Brian Kephart	4cc8d7d854	Support ActiveSupport::RedisCacheStore	2018-06-19 13:39:43 -03:00
Gonzalo Rodriguez	a99722bf4b	Avoid user confusion by renaming .clear! to .clear_configuration	2018-05-18 18:23:59 -03:00
Brian Kephart	b5b4164967	replace `const_defined?` with `defined?`	2018-05-13 17:45:12 -05:00
Gonzalo Rodriguez	52ec80692d	Enable Lint rubocop cops	2018-04-17 16:27:56 -04:00
Lucas Mansur	11e9557ccb	[Fixes #302 ] Initial style guide adoption (#330 ) * Initial Rubocop configuration * Fix Rubocop layout offenses for lib * Fix some spec offenses * Fix leftover layout offenses	2018-03-30 16:08:00 -03:00
Koen Rouwhorst	0457bf22f9	Updated all non-secure HTTP URLs to HTTPS.	2018-03-29 18:41:40 +02:00
Gonzalo Rodriguez	389287f060	Bump version to 5.2.0	2018-03-29 12:24:37 -03:00
Gonzalo Rodriguez	62aca946b5	Require ipaddr so it works on ruby < 2.5	2018-03-26 18:53:32 -03:00
Gonzalo Rodriguez	e907cc6b83	Provide shorthand to safelist an entire IP subnet	2018-03-26 18:00:02 -03:00
Gonzalo Rodriguez	27aab72d49	Provide shorthand to safelist an IP	2018-03-26 17:51:40 -03:00
Gonzalo Rodriguez	aec03047c5	Provide shorthand to blocklist an entire IP subnet	2018-03-26 17:35:41 -03:00
Gonzalo Rodriguez	dccce4ee3d	Provide shorthand to blocklist an IP	2018-03-26 17:33:58 -03:00
Gonzalo Rodriguez	7435d4da34	Merge pull request #315 from grzuy/help_debug_cache_issues Give clearer error message for misconfigured cache store for allow/fail2ban	2018-03-23 16:35:16 -03:00
Gonzalo Rodriguez	7a87ca2ff7	Give clearer error message for misconfigured cache store for allow/fail2ban	2018-03-23 14:18:07 -03:00
Gonzalo Rodriguez	0fe30e3a3d	Don't autoload when it's barely valuable to do so Rack::Attack::PathNormalizer and Rack::Attack::Request are both used in #call method, which is going to be used by every rack-attack user as long as they insert the middleware in their app.	2018-03-23 10:58:51 -03:00
Domenoth	5004b04ac7	Change object type yielded to ActiveSupport::Subscribers https://github.com/kickstarter/rack-attack/issues/255 Change the object type from instances of type Rack::Attack::Request to instances of type Hash. (`req` becomes `request: req`).	2018-03-21 11:32:09 -07:00
Gonzalo Rodriguez	c119186134	bump version to v5.1.0	2018-03-09 15:23:46 -03:00
Gonzalo Rodriguez	922917d5a4	Merge pull request #274 from grzuy/help_debug_cache_issues Help users understand more clearly when the store is misconfigured	2018-03-09 10:28:08 -03:00
Kyle d'Oliveira	9dbece5272	Add an reader for the epoch_time variable in the cache so that it can also be returned in the data from the throttle. This is allows access to the same time that the cache uses for the count. This can be important for clients that want to provide rate limit information for well-behaved clients	2018-02-15 14:45:35 -08:00
Gonzalo Rodriguez	7bb7a05987	Help users understand more clearly when the store is misconfigured	2018-02-01 10:06:39 -03:00
Gonzalo Rodriguez	6af29fb44e	Avoid 'defined?' buggy behavior in ruby 2.5.0. Fixes #253 'defined?' is buggy in ruby 2.5.0, which under certain circumstances users using rack-attack can hit. See issue #253. I reported (https://bugs.ruby-lang.org/issues/14407) and fixed (https://github.com/ruby/ruby/pull/1800) the issue in ruby already, but i guess i would take some time before there's a new ruby release including that fix. So for now we would need to circumvent this bug by using 'const_defined?' instead of 'defined?' for this particular case. More details: Anyone using: * ruby 2.5.0 * redis * rack-attack without redis-store and using at least one throttle * having a toplevel class named Store will hit this ruby 2.5.0 bug https://bugs.ruby-lang.org/issues/14407 That's because of the following buggy behavior of 'defined?' under ruby 2.5: ``` $ ruby -v ruby 2.5.0p0 (2017-12-25 revision 61468) [x86_64-linux] $ irb > class Redis > end => nil > class Store > end => nil > defined?(::Redis::Store) => "constant" > ::Redis::Store NameError (uninitialized constant Redis::Store Did you mean? Store) ```	2018-01-29 12:25:18 -03:00
Tieg Zaharia	d7cc49117f	Merge pull request #267 from grzuy/freeze_constants Do not allow mutating constants	2018-01-25 14:51:06 -05:00
Gonzalo Rodriguez	b7eb7851cf	Cleanup unnecessary self references	2018-01-25 15:52:20 -03:00
Gonzalo Rodriguez	7286517c2f	Do not allow mutating constants	2018-01-25 12:22:40 -03:00
Corey Farwell	f91f3a403c	Merge pull request #264 from grzuy/drop_support_for_rails_3 Drop support for unmaintaned Rails 3	2018-01-23 17:45:29 -05:00
Gonzalo Rodriguez	218a320a3d	Fixes warning instead of hiding it Warning was: 'warning: instance variable @data not initialized'	2018-01-23 16:56:42 -03:00
Gonzalo Rodriguez	34ee066eac	Drop support for Rails 3	2018-01-23 16:12:16 -03:00
Eric Garside	5a7114e126	Fixing whitespace issue	2018-01-05 17:38:19 -05:00
Mattias Lundell	c37b477d15	Fix alignment of columns	2017-10-11 13:55:19 +02:00
Rob Watson	69ab514477	Warn if Redis gem is < 3.0.0 Prefer printing a log message if this criteria is not met, instead of failing silently.	2017-05-11 10:17:18 +01:00

1 2 3 4

157 commits