Commit

feat: setup rack-protection
Signed-off-by: Gil Desmarais <[email protected]>
gildesmarais committed Aug 17, 2024
1 parent 929ae67 commit 121f05f
Showing 4 changed files with 14 additions and 7 deletions.
2 changes: 0 additions & 2 deletions .rubocop.yml
Expand Up @@ -11,8 +11,6 @@ AllCops:
Metrics/BlockLength:
Exclude:
- Rakefile
ExcludedMethods:
- route

Naming/RescuedExceptionsVariableName:
PreferredName: error
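Review bot: the two lines dropped under Metrics/BlockLength (the file header counts 2 deletions, which reads as the `ExcludedMethods:` / `- route` pair) have nothing to do with setting up rack-protection, and the commit message does not mention them. Either split this into its own commit or add a line to the message saying why the exclusion goes away, so the lint change can be reverted or bisected independently of the middleware change.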
1 change: 1 addition & 0 deletions Gemfile
Expand Up @@ -14,6 +14,7 @@ gem 'html2rss-configs', github: 'html2rss/html2rss-configs'
gem 'erubi'
gem 'parallel'
gem 'rack-cache'
gem 'rack-protection'
gem 'rack-timeout'
gem 'rack-unreloader'
gem 'roda'
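Review bot: `gem 'rack-protection'` is added without a version constraint. The neighbouring gems are unconstrained as well, so this follows the file's style, and the lockfile in this commit resolves it to 4.0.0. Still, for a middleware whose job is request filtering, a constraint such as `gem 'rack-protection', '~> 4.0'` would make a major-version bump an explicit, reviewed change rather than something a `bundle update` pulls in.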
5 changes: 5 additions & 0 deletions Gemfile.lock
Expand Up @@ -11,6 +11,7 @@ GEM
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
ast (2.4.2)
base64 (0.2.0)
byebug (11.1.3)
concurrent-ruby (1.3.4)
crass (1.0.6)
Expand Down Expand Up @@ -73,6 +74,9 @@ GEM
rack (3.1.7)
rack-cache (1.17.0)
rack (>= 0.4)
rack-protection (4.0.0)
base64 (>= 0.1.0)
rack (>= 3.0.0, < 4)
rack-timeout (0.7.0)
rack-unreloader (2.1.0)
rainbow (3.1.1)
Expand Down Expand Up @@ -158,6 +162,7 @@ DEPENDENCIES
parallel
puma
rack-cache
rack-protection
rack-timeout
rack-unreloader
rake
13 changes: 8 additions & 5 deletions config.ru
Expand Up @@ -3,21 +3,24 @@
require 'rubygems'
require 'bundler/setup'
require 'rack-timeout'
require 'rack/protection'
require 'rack/protection/path_traversal'

use Rack::Timeout

dev = ENV.fetch('RACK_ENV', nil) == 'development'
use Rack::Protection
use Rack::Protection::PathTraversal

requires = Dir['app/**/*.rb']

if dev
if ENV.fetch('RACK_ENV', nil) == 'development'
require 'logger'
require 'rack/unreloader'

logger = Logger.new($stdout)

require 'rack/unreloader'
Unreloader = Rack::Unreloader.new(subclasses: %w[Roda Html2rss],
logger:,
reload: dev) do
reload: true) do
Html2rss::Web::App
end
Unreloader.require('app.rb') { 'Html2rss::Web::App' }
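Review bot: `use Rack::Protection` and `use Rack::Protection::PathTraversal` go in back to back with no options and no comment, so a reader cannot tell which protections the bare `use Rack::Protection` is expected to turn on or why PathTraversal is also mounted on its own. If the umbrella middleware already covers path traversal, drop the extra `use` and the matching `require 'rack/protection/path_traversal'`; if mounting both is deliberate, say so in a comment. No session middleware is mounted anywhere in the visible lines, so it is also worth confirming that none of the enabled protections expect one. Minor style point: the inlined `ENV.fetch('RACK_ENV', nil) == 'development'` can be written `ENV['RACK_ENV'] == 'development'`.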