Commit graph

46 commits

Author SHA1 Message Date
Gonzalo Rodriguez
193a27dbed
build: support bundler 2.0 for development 2019-01-28 22:32:12 -03:00
Gonzalo Rodriguez
3b97b7d2e9
Update development gems 2018-08-17 16:55:18 -03:00
Gonzalo Rodriguez
8315a1e7e1
Remove support for unmaintained ruby 2.2 2018-06-28 17:08:15 -03:00
Gonzalo Rodriguez
83127dcf6d
Merge pull request #367 from grzuy/clean_dev_deps
More cleaning of development dependencies
2018-06-26 14:54:16 -03:00
Gonzalo Rodriguez
6a52e0e070
Fix 'WARNING: open-ended dependency on rack (>= 1.0) is not recommended' 2018-06-26 11:40:19 -03:00
Gonzalo Rodriguez
d511c9e2ba
Make explicit that old rack 0.x is not supported 2018-06-26 11:30:13 -03:00
Gonzalo Rodriguez
9e2fef7abe
Make clear that bundler is a development dependency 2018-06-26 11:20:57 -03:00
Gonzalo Rodriguez
3c37390c63
Run with latest activesupport/actionpack when developing 2018-06-26 11:15:13 -03:00
Gonzalo Rodriguez
a72bfb5fc7
Only require redis stores when running their respective appraisal 2018-06-22 18:55:27 -03:00
Gonzalo Rodriguez
bd2ade8977
Only require connection_pool running connection_pool appraisal 2018-06-22 17:45:58 -03:00
Gonzalo Rodriguez
79de0d53e1
Only require dalli when running dalli appraisal 2018-06-22 17:45:03 -03:00
Gonzalo Rodriguez
1a532c6cb3
Remove unused development dependency (memcache-client) 2018-06-22 16:17:44 -03:00
Gonzalo Rodriguez
5aedc05121
Merge pull request #359 from grzuy/clean_dev_deps
Clean development dependencies
2018-06-22 12:07:18 -03:00
Gonzalo Rodriguez
7a4b206dfd
Let everyone developing rack-attack use compatible/similar dev deps versions 2018-06-21 15:56:33 -03:00
Gonzalo Rodriguez
aca0fb6f1d
Clarify in gemspec existence of two groups of semantically distinct dev deps 2018-06-21 15:56:33 -03:00
Gonzalo Rodriguez
0c26efc187
Remove pry as a dev dependency. Using byebug. 2018-06-21 15:56:33 -03:00
Gonzalo Rodriguez
75ed952d43
Remove guard-minitest as a dev dependency 2018-06-21 15:56:24 -03:00
Gonzalo Rodriguez
1504a1f00c
Add useful metadata links to rubygems.org via gemspec 2018-06-21 11:39:35 -03:00
Gonzalo Rodriguez
d5e585680f
Fix CircleCI rubocop runs by excluding vendor/ folder
rubocop default configuration excludes vendor/ folder, but in order to
get the default we need to merge arrays, given that we are also setting
Exclude
2018-06-20 10:29:19 -03:00
Gonzalo Rodriguez
d01c3e61d4
Enforce every rack-attack contributor runs same rubocop version 2018-04-17 16:00:00 -04:00
Gonzalo Rodriguez
29424fb993
Enable Gemspec rubocop cops
Run rubocop against oldest supported ruby
2018-04-17 14:08:00 -04:00
Lucas Mansur
11e9557ccb [Fixes #302] Initial style guide adoption (#330)
* Initial Rubocop configuration

* Fix Rubocop layout offenses for lib

* Fix some spec offenses

* Fix leftover layout offenses
2018-03-30 16:08:00 -03:00
Koen Rouwhorst
0457bf22f9 Updated all non-secure HTTP URLs to HTTPS. 2018-03-29 18:41:40 +02:00
Gonzalo Rodriguez
330d25c832
Acceptance test cache store config when Rails is present 2018-03-20 11:42:27 -03:00
Gonzalo Rodriguez
2406435663
Ability to use byebug easily while developing/testing 2018-03-09 13:52:06 -03:00
Gonzalo Rodriguez
859c212058 Merge branch 'master' into move_all_deps_to_gemspec 2018-03-09 10:19:25 -03:00
Gonzalo Rodriguez
d6d471fea5 Move all dependencies to gemspec 2018-02-02 16:05:04 -03:00
Gonzalo Rodriguez
980633e1a9 Adds acceptance-oriented tests 2018-01-25 18:21:29 -03:00
Vincent Boisard
ba9f2c3be6 fix: move dev dependencies to gemspec 2016-01-07 21:00:36 +01:00
Aaron Suggs
76c2e31430 Normalize request paths when using Rails' ActionDispatch
The issue
---

When using rack-attack with a rails app, developers expect the request
path to be normalized. In particular, trailing slashes are stripped so
a request path "/login/" becomes "/login" by the time you're in
ActionController.

Since Rack::Attack runs before ActionDispatch, the request path is not
yet normalized. This can cause throttles and blacklists to not work as
expected.

E.g., a throttle:

    throttle('logins', ...) {|req| req.path == "/login" }

would not match a request to '/login/', though Rails would route
'/login/' to the same '/login' action.

The solution
---

This patch looks if ActionDispatch's request normalization is loaded,
and if so, uses it to normalize the path before processing throttles,
blacklists, etc.

If it's not loaded, the request path is not modified.

Credit
---
Thanks to Andres Riancho at Include Security for reporting this issue.
2015-12-18 11:12:11 -05:00
Aaron Suggs
2b14a1528b Remove support for ruby 1.9 2015-11-06 10:32:14 -05:00
hakanensari
0640a53cdf Use Appraisal to test against multiple versions 2014-04-09 13:11:43 +01:00
hakanensari
128c5aa9bf Support a Dalli Connection Pool 2014-04-01 12:10:32 +01:00
Aaron Suggs
f8b516fb11 Remove debugger as development dependency 2013-12-27 22:28:13 -05:00
Aaron Suggs
5a37bb102f Add license to gemspec
Fixes issue #26
2013-07-17 10:37:26 -04:00
Zach Millman
1c501e81a6 Reduce Ruby version dependency to 1.9.2
Also added 1.9.2 to Travis config file
2013-07-12 15:02:52 -07:00
Vipul A M
384892ce4c Make debugger dependency only for ruby platforms 2013-05-06 20:58:01 +05:30
Vipul A M
4fcbe790ed Remove debugger dependency, as it isn't used 2013-05-06 11:53:58 +05:30
Vipul A M
9c0cbad1e7 bump debugger version for 2.0 support 2013-05-03 12:33:38 +05:30
Aaron Suggs
cf508e1d18 Support RedisStore as cache store
Add tests for different cache stores
2013-02-25 12:09:59 -05:00
Aaron Suggs
f82750c1c2 Move license to readme
…so it doesn't mess with autocomplete.
2012-07-30 15:46:47 -04:00
Aaron Suggs
359ebe9068 Change description 2012-07-29 10:52:00 -04:00
Aaron Suggs
c22c33f9ec add rake 2012-07-27 09:56:15 -04:00
Aaron Suggs
9284a08cc3 Whitelists support 2012-07-26 17:29:09 -04:00
Aaron Suggs
885b19c633 added license and readme 2012-07-25 10:25:14 -04:00
Aaron Suggs
140ea86b7c Initial commit 2012-07-24 19:40:55 -04:00