Skip to content

Commit

Permalink
feat: setup rack-protection
Browse files Browse the repository at this point in the history
Signed-off-by: Gil Desmarais <[email protected]>
  • Loading branch information
gildesmarais committed Aug 16, 2024
1 parent 59831cd commit 3adc4e7
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 16 deletions.
1 change: 1 addition & 0 deletions Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ gem 'html2rss-configs', github: 'html2rss/html2rss-configs'
gem 'erubi'
gem 'parallel'
gem 'rack-cache'
gem 'rack-protection'
gem 'rack-timeout'
gem 'rack-unreloader'
gem 'roda'
Expand Down
5 changes: 5 additions & 0 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ GEM
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
ast (2.4.2)
base64 (0.2.0)
byebug (11.1.3)
concurrent-ruby (1.3.4)
crass (1.0.6)
Expand Down Expand Up @@ -73,6 +74,9 @@ GEM
rack (3.1.7)
rack-cache (1.17.0)
rack (>= 0.4)
rack-protection (4.0.0)
base64 (>= 0.1.0)
rack (>= 3.0.0, < 4)
rack-timeout (0.7.0)
rack-unreloader (2.1.0)
rainbow (3.1.1)
Expand Down Expand Up @@ -156,6 +160,7 @@ DEPENDENCIES
parallel
puma
rack-cache
rack-protection
rack-timeout
rack-unreloader
rake
Expand Down
41 changes: 25 additions & 16 deletions config.ru
Original file line number Diff line number Diff line change
Expand Up @@ -2,26 +2,35 @@

require 'rubygems'
require 'bundler/setup'
require 'rack/protection'
require 'rack/protection/path_traversal'

dev = ENV.fetch('RACK_ENV', nil) == 'development'
use Rack::Protection
use Rack::Protection::PathTraversal

if dev
if (dev = ENV.fetch('RACK_ENV', nil) == 'development')
require 'logger'
require 'rack/unreloader'

logger = Logger.new($stdout)
end
Unreloader = Rack::Unreloader.new(subclasses: %w[Roda Html2rss],
logger:,
reload: dev) do
App::App
end

require 'rack/unreloader'
Unreloader = Rack::Unreloader.new(subclasses: %w[Roda Html2rss],
logger:,
reload: dev) do
App::App
end
Unreloader.require('app.rb') { 'App' }
Unreloader.require('./app/health_check.rb')
Unreloader.require('./app/html2rss_facade.rb')
Unreloader.require('./app/http_cache.rb')
Unreloader.require('./app/local_config.rb')
Unreloader.require('./app/request_path.rb')

Unreloader.require('app.rb') { 'App' }
Unreloader.require('./app/health_check.rb')
Unreloader.require('./app/html2rss_facade.rb')
Unreloader.require('./app/http_cache.rb')
Unreloader.require('./app/local_config.rb')
Unreloader.require('./app/request_path.rb')
run Unreloader
else
require_relative 'app'

Dir['./app/**/*.rb'].each { |f| require_relative f }
end

run(dev ? Unreloader : App::App.freeze.app)
run App::App.freeze.app

0 comments on commit 3adc4e7

Please sign in to comment.