From baebd3d0a4cc95f03398347c6f4c657b3a1a16a4 Mon Sep 17 00:00:00 2001 From: Gregory Huczynski Date: Sat, 30 Dec 2023 19:09:37 +0000 Subject: [PATCH 1/3] Update Ruby and dependencies, and make Rubocop fixes --- .rubocop.yml | 45 +++++-------------- .ruby-version | 1 + .travis.yml | 4 +- Rakefile | 5 ++- lib/rack/cloudflare/ips.rb | 4 +- .../cloudflare/middleware/rewrite_headers.rb | 4 +- rack-cloudflare.gemspec | 10 +++-- spec/rack/cloudflare_spec.rb | 14 +++--- spec/spec_helper.rb | 2 + 9 files changed, 39 insertions(+), 50 deletions(-) create mode 100644 .ruby-version diff --git a/.rubocop.yml b/.rubocop.yml index 2088aa7..175c1ec 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,47 +1,24 @@ AllCops: - TargetRubyVersion: 2.5.1 - # Rails: true - # Include: - # - '**/Rakefile' - # - '**/config.ru' + TargetRubyVersion: 3.1.4 + NewCops: enable Exclude: - - 'doc/**/*' - - 'tmp/**/*' - 'bin/**/*' - - 'db/**/*' - - 'test/**/*' - - 'config/**/*' - - 'script/**/*' - - 'vendor/**/*' - - 'spec/**/*' - - !ruby/regexp /old_and_unused\.rb$/ -# Style/WhileUntilModifier: -# MaxLineLength: 160 - -# Style/IfUnlessModifier: -# MaxLineLength: 160 - -Metrics/LineLength: - Max: 160 +Gemspec/DevelopmentDependencies: + EnforcedStyle: gemspec Metrics/AbcSize: - Max: 120 - -Metrics/MethodLength: - CountComments: false # count full line comments? - Max: 120 - -NumericPredicate: - EnforcedStyle: comparison + Max: 20 -Style/Documentation: +Metrics/CollectionLiteralLength: Enabled: false Metrics/ModuleLength: Exclude: - 'lib/rack/cloudflare/countries.rb' -Naming/FileName: - Exclude: - - 'rack-cloudflare.gemspec' \ No newline at end of file +RSpec/ExampleLength: + Max: 15 + +Style/Documentation: + Enabled: false \ No newline at end of file diff --git a/.ruby-version b/.ruby-version new file mode 100644 index 0000000..0aec50e --- /dev/null +++ b/.ruby-version @@ -0,0 +1 @@ +3.1.4 diff --git a/.travis.yml b/.travis.yml index 18a30f6..785cf87 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,5 @@ sudo: false language: ruby rvm: - - 2.5.1 -before_install: gem install bundler -v 1.16.2 + - 3.1.4 +before_install: gem install bundler -v 2.3.26 diff --git a/Rakefile b/Rakefile index 580a77c..4a67bd0 100644 --- a/Rakefile +++ b/Rakefile @@ -6,6 +6,7 @@ require 'rubocop/rake_task' require 'rubycritic/rake_task' RuboCop::RakeTask.new do |task| + task.requires << 'rubocop-rake' task.requires << 'rubocop-rspec' end @@ -27,5 +28,5 @@ end RSpec::Core::RakeTask.new(:spec) -# task default: %w[rubocop:auto_correct rubycritic spec] -task default: %w[rubocop:auto_correct spec] +# task default: %w[rubocop:autocorrect rubycritic spec] +task default: %w[rubocop:autocorrect spec] diff --git a/lib/rack/cloudflare/ips.rb b/lib/rack/cloudflare/ips.rb index 2ea1896..36dd217 100644 --- a/lib/rack/cloudflare/ips.rb +++ b/lib/rack/cloudflare/ips.rb @@ -26,8 +26,8 @@ def update! def fetch(url) Cloudflare.info "[#{name}] Updating Cloudflare IP list: #{url.inspect}" parse URI(url).read - rescue OpenURI::HTTPError => ex - Cloudflare.error "[#{name}] #{ex.class.name} fetching #{url.inspect}: #{ex.message}" + rescue OpenURI::HTTPError => e + Cloudflare.error "[#{name}] #{e.class.name} fetching #{url.inspect}: #{e.message}" [] end diff --git a/lib/rack/cloudflare/middleware/rewrite_headers.rb b/lib/rack/cloudflare/middleware/rewrite_headers.rb index 09fc8d6..615502e 100644 --- a/lib/rack/cloudflare/middleware/rewrite_headers.rb +++ b/lib/rack/cloudflare/middleware/rewrite_headers.rb @@ -11,7 +11,9 @@ def initialize(app) def call(env) headers = Headers.new(env) - Cloudflare.warn "[#{self.class.name}] Untrusted Network (REMOTE_ADDR): #{headers.target_headers}" unless headers.trusted? + unless headers.trusted? + Cloudflare.warn "[#{self.class.name}] Untrusted Network (REMOTE_ADDR): #{headers.target_headers}" + end Cloudflare.debug "[#{self.class.name}] Target Headers: #{headers.target_headers}" Cloudflare.debug "[#{self.class.name}] Rewritten Headers: #{headers.rewritten_target_headers}" diff --git a/rack-cloudflare.gemspec b/rack-cloudflare.gemspec index 76071aa..a701045 100644 --- a/rack-cloudflare.gemspec +++ b/rack-cloudflare.gemspec @@ -9,6 +9,7 @@ Gem::Specification.new do |spec| spec.version = Rack::Cloudflare::VERSION spec.authors = ['Joel Van Horn'] spec.email = ['joel@joelvanhorn.com'] + spec.required_ruby_version = '>= 3.1.4' spec.summary = 'Deal with Cloudflare features in Rack-based apps.' spec.description = 'Deal with Cloudflare features in Rack-based apps.' @@ -23,9 +24,12 @@ Gem::Specification.new do |spec| spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } spec.require_paths = ['lib'] - spec.add_development_dependency 'bundler', '~> 1.16' - spec.add_development_dependency 'rake', '~> 10.0' - spec.add_development_dependency 'rspec', '~> 3.0' + spec.add_development_dependency 'bundler', '~> 2.5' + spec.add_development_dependency 'rake', '~> 13.1' + spec.add_development_dependency 'rspec', '~> 3.12' spec.add_development_dependency 'rubocop' + spec.add_development_dependency 'rubocop-rake' + spec.add_development_dependency 'rubocop-rspec' spec.add_development_dependency 'rubycritic' + spec.metadata['rubygems_mfa_required'] = 'true' end diff --git a/spec/rack/cloudflare_spec.rb b/spec/rack/cloudflare_spec.rb index e827b6e..acd954b 100644 --- a/spec/rack/cloudflare_spec.rb +++ b/spec/rack/cloudflare_spec.rb @@ -1,8 +1,10 @@ +# frozen_string_literal: true + RSpec.describe Rack::Cloudflare do let!(:default_message) { Rack::Cloudflare::Middleware::AccessControl.message } let!(:default_response) { Rack::Cloudflare::Middleware::AccessControl.response } - before(:each) do + before do Rack::Cloudflare::Headers.backup = true Rack::Cloudflare::Headers.remove_proxies = false Rack::Cloudflare::Headers.original_remote_addr = 'ORIGINAL_REMOTE_ADDR' @@ -82,7 +84,7 @@ ) end - it "removes proxies when Headers.remove_proxies = true" do + it 'removes proxies when Headers.remove_proxies = true' do env = { 'REMOTE_ADDR' => '103.21.244.1', 'HTTP_CF_CONNECTING_IP' => '1.2.3.4', @@ -204,7 +206,7 @@ 'HTTP_X_FORWARDED_FOR' => '74.64.167.164, 173.245.52.147' ) end - + it 'blocks access for non-Cloudflare networks with 404 preset' do env = { 'REMOTE_ADDR' => '127.0.0.1' } Rack::Cloudflare::Middleware::AccessControl.as(:not_found) @@ -212,16 +214,16 @@ expect(middleware.call(env)).to eq([404, { 'Content-Type' => 'text/plain' }, ["Not Found\n"]]) end - + it 'blocks access for non-Cloudflare networks with 404 preset and custom message' do env = { 'REMOTE_ADDR' => '127.0.0.1' } Rack::Cloudflare::Middleware::AccessControl.as(:not_found) - Rack::Cloudflare::Middleware::AccessControl.message = "Oops..." + Rack::Cloudflare::Middleware::AccessControl.message = 'Oops...' middleware = Rack::Cloudflare::Middleware::AccessControl.new(->(*) { 'success' }) expect(middleware.call(env)).to eq([404, { 'Content-Type' => 'text/plain' }, ["Oops...\n"]]) end - + it 'blocks access for non-Cloudflare networks with 404 preset and custom message keyword' do env = { 'REMOTE_ADDR' => '127.0.0.1' } Rack::Cloudflare::Middleware::AccessControl.as(:not_found, message: 'Woah...') diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 224162e..ff5ced8 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'bundler/setup' require 'rack/cloudflare' From 4d64dbd2b2cb479d877c6b01243e6d9bf591e8f6 Mon Sep 17 00:00:00 2001 From: Gregory Huczynski Date: Sat, 30 Dec 2023 19:18:47 +0000 Subject: [PATCH 2/3] Update data files to latest from cloudflare.com --- data/ips_v4.txt | 17 +++++++++-------- data/ips_v6.txt | 7 ++++--- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/data/ips_v4.txt b/data/ips_v4.txt index abaecad..626248f 100644 --- a/data/ips_v4.txt +++ b/data/ips_v4.txt @@ -1,14 +1,15 @@ +173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 -104.16.0.0/12 -108.162.192.0/18 -131.0.72.0/22 141.101.64.0/18 -162.158.0.0/15 -172.64.0.0/13 -173.245.48.0/20 -188.114.96.0/20 +108.162.192.0/18 190.93.240.0/20 +188.114.96.0/20 197.234.240.0/22 -198.41.128.0/17 \ No newline at end of file +198.41.128.0/17 +162.158.0.0/15 +104.16.0.0/13 +104.24.0.0/14 +172.64.0.0/13 +131.0.72.0/22 \ No newline at end of file diff --git a/data/ips_v6.txt b/data/ips_v6.txt index 8a1c0ce..4584f6a 100644 --- a/data/ips_v6.txt +++ b/data/ips_v6.txt @@ -1,6 +1,7 @@ 2400:cb00::/32 -2405:b500::/32 2606:4700::/32 2803:f800::/32 -2c0f:f248::/32 -2a06:98c0::/29 \ No newline at end of file +2405:b500::/32 +2405:8100::/32 +2a06:98c0::/29 +2c0f:f248::/32 \ No newline at end of file From bc520d6e060103b9aa387ea25689fee2e4c185fc Mon Sep 17 00:00:00 2001 From: Gregory Huczynski Date: Sat, 30 Dec 2023 20:02:46 +0000 Subject: [PATCH 3/3] Update version --- lib/rack/cloudflare/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/rack/cloudflare/version.rb b/lib/rack/cloudflare/version.rb index 26d7ff7..9e836ed 100644 --- a/lib/rack/cloudflare/version.rb +++ b/lib/rack/cloudflare/version.rb @@ -2,6 +2,6 @@ module Rack class Cloudflare - VERSION = '1.0.5' + VERSION = '1.0.6' end end