
Commit 3adc4e7

committed
feat: setup rack-protection
Signed-off-by: Gil Desmarais <[email protected]>
1 parent 59831cd commit 3adc4e7


3 files changed

+31
-16
lines changed

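--- a/Gemfile
+++ b/Gemfile
@@ -14,6 +14,7 @@ gem 'html2rss-configs', github: 'html2rss/html2rss-configs'
 gem 'erubi'
 gem 'parallel'
 gem 'rack-cache'
+gem 'rack-protection'
 gem 'rack-timeout'
 gem 'rack-unreloader'
 gem 'roda'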

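--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -11,6 +11,7 @@ GEM
 addressable (2.8.7)
 public_suffix (>= 2.0.2, < 7.0)
 ast (2.4.2)
+base64 (0.2.0)
 byebug (11.1.3)
 concurrent-ruby (1.3.4)
 crass (1.0.6)
@@ -73,6 +74,9 @@ GEM
 rack (3.1.7)
 rack-cache (1.17.0)
 rack (>= 0.4)
+rack-protection (4.0.0)
+base64 (>= 0.1.0)
+rack (>= 3.0.0, < 4)
 rack-timeout (0.7.0)
 rack-unreloader (2.1.0)
 rainbow (3.1.1)
@@ -156,6 +160,7 @@ DEPENDENCIES
 parallel
 puma
 rack-cache
+rack-protection
 rack-timeout
 rack-unreloader
 rake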

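--- a/config.ru
+++ b/config.ru
@@ -2,26 +2,35 @@
 
 require 'rubygems'
 require 'bundler/setup'
+require 'rack/protection'
+require 'rack/protection/path_traversal'
 
-dev = ENV.fetch('RACK_ENV', nil) == 'development'
+use Rack::Protection
+use Rack::Protection::PathTraversal
 
-if dev
+if (dev = ENV.fetch('RACK_ENV', nil) == 'development')
 require 'logger'
+require 'rack/unreloader'
+
 logger = Logger.new($stdout)
-end
+Unreloader = Rack::Unreloader.new(subclasses: %w[Roda Html2rss],
+logger:,
+reload: dev) do
+App::App
+end
 
-require 'rack/unreloader'
-Unreloader = Rack::Unreloader.new(subclasses: %w[Roda Html2rss],
-logger:,
-reload: dev) do
-App::App
-end
+Unreloader.require('app.rb') { 'App' }
+Unreloader.require('./app/health_check.rb')
+Unreloader.require('./app/html2rss_facade.rb')
+Unreloader.require('./app/http_cache.rb')
+Unreloader.require('./app/local_config.rb')
+Unreloader.require('./app/request_path.rb')
 
-Unreloader.require('app.rb') { 'App' }
-Unreloader.require('./app/health_check.rb')
-Unreloader.require('./app/html2rss_facade.rb')
-Unreloader.require('./app/http_cache.rb')
-Unreloader.require('./app/local_config.rb')
-Unreloader.require('./app/request_path.rb')
+run Unreloader
+else
+require_relative 'app'
+
+Dir['./app/**/*.rb'].each { |f| require_relative f }
+end
 
-run(dev ? Unreloader : App::App.freeze.app)
+run App::App.freeze.app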
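Review bot: The unconditional `run App::App.freeze.app` at the end of the file also executes in the development branch after `run Unreloader`, and since a later `run` replaces the earlier one in a rackup file, development would end up serving the frozen app with reloading bypassed; moving that line into the `else` branch, directly after the `Dir['./app/**/*.rb']` line, keeps the two modes apart. On the middleware itself, `use Rack::Protection` with no options enables the gem's default set, which to my knowledge already contains PathTraversal, so the extra `require 'rack/protection/path_traversal'` and `use Rack::Protection::PathTraversal` look redundant and apply the path normalisation twice. Some of the defaults appear to rely on a session and no session middleware is set up in the visible lines, so it is worth confirming which protections are actually effective here and recording that in a comment above the `use` line, e.g. `# Rack::Protection defaults; this app sets up no session middleware`.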
