diff --git a/lib/rack/attack.rb b/lib/rack/attack.rb index fda47984..ce143d77 100644 --- a/lib/rack/attack.rb +++ b/lib/rack/attack.rb @@ -32,13 +32,10 @@ class IncompatibleStoreError < Error; end autoload :Fail2Ban, 'rack/attack/fail2ban' autoload :Allow2Ban, 'rack/attack/allow2ban' - DEFAULT_ALLOWED_ERRORS = %w[Dalli::DalliError Redis::BaseError].freeze - class << self attr_accessor :enabled, :notifier, - :throttle_discriminator_normalizer, - :allowed_errors + :throttle_discriminator_normalizer attr_reader :configuration @@ -97,13 +94,12 @@ def allow_error?(error) :safelists, :blocklists, :throttles, - :tracks + :tracks, + :allowed_errors, + :allowed_errors= ) end - # Set class defaults - self.allowed_errors = DEFAULT_ALLOWED_ERRORS.dup - # Set instance defaults @enabled = true @notifier = ActiveSupport::Notifications if defined?(ActiveSupport::Notifications) diff --git a/lib/rack/attack/configuration.rb b/lib/rack/attack/configuration.rb index a4bdc987..696ef7c0 100644 --- a/lib/rack/attack/configuration.rb +++ b/lib/rack/attack/configuration.rb @@ -5,6 +5,8 @@ module Rack class Attack class Configuration + DEFAULT_ALLOWED_ERRORS = %w[Dalli::DalliError Redis::BaseError].freeze + DEFAULT_BLOCKLISTED_RESPONDER = lambda { |_req| [403, { 'content-type' => 'text/plain' }, ["Forbidden\n"]] } DEFAULT_THROTTLED_RESPONDER = lambda do |req| 
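Review bot: Removing `DEFAULT_ALLOWED_ERRORS` from `Rack::Attack` (lib/rack/attack.rb, hunk at -32) breaks every caller that still references `Rack::Attack::DEFAULT_ALLOWED_ERRORS`, as the spec_helper.rb change in this same commit shows. If the constant was part of a released version, keep a deprecated alias such as `DEFAULT_ALLOWED_ERRORS = Configuration::DEFAULT_ALLOWED_ERRORS`. It has to sit after the point where `Rack::Attack::Configuration` is loaded, and the require/autoload lines for that file are outside this hunk.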
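Review bot: The delegator list in lib/rack/attack.rb (hunk at -97) now exposes `allowed_errors` and `allowed_errors=` on `Rack::Attack` without any comment on what the setting controls. Judging by the `allow_error?` name in the hunk header, the list decides which store exceptions are tolerated instead of raised, so presumably a request is served without its cache-backed rules being evaluated when one of them occurs. That trade-off should be stated where the setting is exposed, for example `# allowed_errors: store error class names that are tolerated; while one occurs, cache-backed rules are presumably not enforced`. The enclosing call starts before the hunk, so the wording should be checked against the body of `allow_error?`.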
@@ -19,10 +21,20 @@ class Configuration end end - attr_reader :safelists, :blocklists, :throttles, :anonymous_blocklists, :anonymous_safelists - attr_accessor :blocklisted_responder, :throttled_responder, :throttled_response_retry_after_header + attr_reader :safelists, + :blocklists, + :throttles, + :anonymous_blocklists, + :anonymous_safelists + + attr_accessor :allowed_errors, + :blocklisted_responder, + :throttled_responder, + :throttled_response_retry_after_header - attr_reader :blocklisted_response, :throttled_response # Keeping these for backwards compatibility + # Keeping these for backwards compatibility + attr_reader :blocklisted_response, + :throttled_response def blocklisted_response=(responder) warn "[DEPRECATION] Rack::Attack.blocklisted_response is deprecated. "\ @@ -116,6 +128,7 @@ def set_defaults @anonymous_blocklists = [] @anonymous_safelists = [] @throttled_response_retry_after_header = false + @allowed_errors = DEFAULT_ALLOWED_ERRORS.dup @blocklisted_responder = DEFAULT_BLOCKLISTED_RESPONDER @throttled_responder = DEFAULT_THROTTLED_RESPONDER diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 4de9e85a..37ae8f9f 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -35,7 +35,7 @@ class Minitest::Spec after do Rack::Attack.clear_configuration Rack::Attack.instance_variable_set(:@cache, nil) - Rack::Attack.allowed_errors = Rack::Attack::DEFAULT_ALLOWED_ERRORS.dup + Rack::Attack.allowed_errors = Rack::Attack::Configuration::DEFAULT_ALLOWED_ERRORS.dup end def app
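Review bot: `attr_accessor :allowed_errors` in lib/rack/attack/configuration.rb (hunk at -19) generates a writer that accepts any value, so `nil` or a bare string is not rejected at configuration time. It would presumably only surface when `allow_error?` (not visible here) consults the list while a store error is already being handled. An explicit writer keeps the value a list: `def allowed_errors=(errors); @allowed_errors = Array(errors); end`, with `allowed_errors` moved to the `attr_reader` group. With `nil` this gives an empty list, which presumably means no store error is tolerated.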
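Review bot: `@allowed_errors = DEFAULT_ALLOWED_ERRORS.dup` in `set_defaults` (lib/rack/attack/configuration.rb, hunk at -116) ties the list to the configuration's lifetime, whereas the removed `self.allowed_errors = DEFAULT_ALLOWED_ERRORS.dup` in attack.rb ran once at load. If `clear_configuration` goes through `set_defaults` (neither body is fully visible here), an application's custom list is silently replaced by the defaults on every reset. That deserves a changelog entry and a comment on the line, for example `# reset together with the rest of the configuration`. In that case the explicit reset kept in the spec_helper.rb `after` hook, right after `Rack::Attack.clear_configuration`, would also be redundant. Separately, `dup` is shallow, so the copied array still shares its string elements with the frozen default.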