Add Rack::Protection to sites
parent
7328f91da2
commit
b03b7f56a0
|
@ -10,6 +10,7 @@ gem "redcarpet", "~> 2.2.2"
|
|||
gem "rb-inotify", "~> 0.9", require: false
|
||||
gem "therubyracer", "~> 0.12.0"
|
||||
gem "thin", "~> 1.5.0"
|
||||
gem "rack-protection", "~> 1.5"
|
||||
|
||||
group :development do
|
||||
gem "highline", "~> 1.6.15"
|
||||
|
|
|
@ -138,6 +138,7 @@ DEPENDENCIES
|
|||
middleman (~> 3.0.6)
|
||||
middleman-minify-html (~> 3.0.0)
|
||||
rack-contrib (~> 1.1.0)
|
||||
rack-protection (~> 1.5)
|
||||
rb-inotify (~> 0.9)
|
||||
redcarpet (~> 2.2.2)
|
||||
therubyracer (~> 0.12.0)
|
||||
|
|
|
@ -4,10 +4,21 @@ require "rack/contrib/not_found"
|
|||
require "rack/contrib/response_headers"
|
||||
require "rack/contrib/static_cache"
|
||||
require "rack/contrib/try_static"
|
||||
require "rack/protection"
|
||||
|
||||
require File.expand_path("../lib/redirect_to_latest", __FILE__)
|
||||
require File.expand_path("../lib/redirect_v1_docs", __FILE__)
|
||||
|
||||
# Protect against various bad things
|
||||
use Rack::Protection::JsonCsrf
|
||||
use Rack::Protection::RemoteReferrer
|
||||
use Rack::Protection::HttpOrigin
|
||||
use Rack::Protection::EscapedParams
|
||||
use Rack::Protection::XSSHeader
|
||||
use Rack::Protection::FrameOptions
|
||||
use Rack::Protection::PathTraversal
|
||||
use Rack::Protection::IPSpoofing
|
||||
|
||||
# Properly compress the output if the client can handle it.
|
||||
use Rack::Deflater
|
||||
|
||||
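Review bot: `use Rack::Protection::IPSpoofing` in the added middleware list denies any request whose `X-Forwarded-For` list does not contain the `Client-IP` or `X-Real-IP` value. If this site sits behind a CDN or reverse proxy that sets those headers independently (the deployment is not visible in this commit), legitimate visitors could receive the default 403, so confirm the proxy's header behaviour or leave this one middleware out. The comment `# Protect against various bad things` gives a maintainer nothing to audit against; I would replace it with a short comment naming what each entry covers, for example `# XSSHeader / FrameOptions: add X-XSS-Protection, X-Content-Type-Options and X-Frame-Options to responses`, and state that the modules are listed individually rather than via `use Rack::Protection` (presumably because the session-based checks do not apply to a static site). RemoteReferrer and HttpOrigin only inspect unsafe methods such as POST, so a note saying they are defence in depth here would help. The same block is added in the later hunk `@ -3,9 +3,20 @`, and both points apply there as well.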
|
|
|
@ -12,6 +12,7 @@ gem "rack-contrib", "~> 1.1.0"
|
|||
gem "redcarpet", "~> 3.0.0"
|
||||
gem "therubyracer", "~> 0.12.0"
|
||||
gem "thin", "~> 1.5.0"
|
||||
gem "rack-protection", "~> 1.5"
|
||||
|
||||
group :development do
|
||||
gem "highline", "~> 1.6.15"
|
||||
|
|
|
@ -81,6 +81,8 @@ GEM
|
|||
rack (1.6.0)
|
||||
rack-contrib (1.1.0)
|
||||
rack (>= 0.9.1)
|
||||
rack-protection (1.5.3)
|
||||
rack
|
||||
rack-test (0.6.3)
|
||||
rack (>= 1.0)
|
||||
rb-fsevent (0.9.4)
|
||||
|
@ -127,6 +129,7 @@ DEPENDENCIES
|
|||
middleman-minify-html (~> 3.1.1)
|
||||
nokogiri (~> 1.6.0)
|
||||
rack-contrib (~> 1.1.0)
|
||||
rack-protection (~> 1.5)
|
||||
redcarpet (~> 3.0.0)
|
||||
therubyracer (~> 0.12.0)
|
||||
thin (~> 1.5.0)
|
||||
|
|
|
@ -3,9 +3,20 @@ require "rack/contrib/not_found"
|
|||
require "rack/contrib/response_headers"
|
||||
require "rack/contrib/static_cache"
|
||||
require "rack/contrib/try_static"
|
||||
require "rack/protection"
|
||||
|
||||
require File.expand_path("../lib/legacy_redirect", __FILE__)
|
||||
|
||||
# Protect against various bad things
|
||||
use Rack::Protection::JsonCsrf
|
||||
use Rack::Protection::RemoteReferrer
|
||||
use Rack::Protection::HttpOrigin
|
||||
use Rack::Protection::EscapedParams
|
||||
use Rack::Protection::XSSHeader
|
||||
use Rack::Protection::FrameOptions
|
||||
use Rack::Protection::PathTraversal
|
||||
use Rack::Protection::IPSpoofing
|
||||
|
||||
# Properly compress the output if the client can handle it.
|
||||
use Rack::Deflater
|
||||
|
||||
|
|