mirror of
https://github.com/samsonjs/rack-attack.git
synced 2026-03-25 09:25:49 +00:00
6af29fb44e
'defined?' is buggy in ruby 2.5.0, which under certain circumstances users using rack-attack can hit. See issue #253. I reported (https://bugs.ruby-lang.org/issues/14407) and fixed (https://github.com/ruby/ruby/pull/1800) the issue in ruby already, but i guess i would take some time before there's a new ruby release including that fix. So for now we would need to circumvent this bug by using 'const_defined?' instead of 'defined?' for this particular case. More details: Anyone using: * ruby 2.5.0 * redis * rack-attack without redis-store and using at least one throttle * having a toplevel class named Store will hit this ruby 2.5.0 bug https://bugs.ruby-lang.org/issues/14407 That's because of the following buggy behavior of 'defined?' under ruby 2.5: ``` $ ruby -v ruby 2.5.0p0 (2017-12-25 revision 61468) [x86_64-linux] $ irb > class Redis > end => nil > class Store > end => nil > defined?(::Redis::Store) => "constant" > ::Redis::Store NameError (uninitialized constant Redis::Store Did you mean? Store) ``` |
||
|---|---|---|
| .. | ||
| store_proxy | ||
| allow2ban.rb | ||
| blocklist.rb | ||
| cache.rb | ||
| check.rb | ||
| fail2ban.rb | ||
| path_normalizer.rb | ||
| request.rb | ||
| safelist.rb | ||
| store_proxy.rb | ||
| throttle.rb | ||
| track.rb | ||
| version.rb | ||