pkgsrc.se | The NetBSD package collection

./www/ruby-rack-protection, Protection for against typical web attacks for Rack application

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.1.0, Package name: ruby27-rack-protection-2.1.0, Maintainer: pkgsrc-users

Rack::Protection

You should use protection!

This gem protects against typical web attacks.
Should work for all Rack apps, including Rails.

Required to run:
[www/ruby-rack] [lang/ruby26-base]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://rubygems.org/gems/ (Download)

Filesize: 17 KB

Version history: (Expand)

(2021-10-07) Updated to version: ruby27-rack-protection-2.1.0
(2020-09-14) Updated to version: ruby26-rack-protection-2.1.0
(2020-03-20) Updated to version: ruby26-rack-protection-2.0.8.1
(2018-09-23) Updated to version: ruby24-rack-protection-2.0.4
(2018-03-17) Updated to version: ruby24-rack-protection-2.0.1
(2017-06-04) Updated to version: ruby23-rack-protection-2.0.0

CVS history: (Expand)

2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030)

Log message:
www: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts):
www/nghttp2/distinfo

Unfetchable distfiles (almost certainly fetched conditionally...):
./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx-devel/distinfo naxsi-1.3.tar.gz
./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx-devel/distinfo njs-0.5.0.tar.gz
./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz
./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx/distinfo naxsi-1.3.tar.gz
./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx/distinfo njs-0.5.0.tar.gz
./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz

2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033)

Log message:
www: Remove SHA1 hashes for distfiles

2020-09-14 17:45:31 by Takahiro Kambe | Files touched by this commit (3) | Package updated

Log message:
www/ruby-rack-protection: update to 2.1.0

Update ruby-rack-protection package to 2.1.0.

2.1.0 (2020-09-05)

* Add Rack::Protection::ReferrerPolicy #1291 by Stefan Sundin

2020-03-20 17:29:38 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
www/ruby-rack-protection: update to 2.0.8.1

Update ruby-rack-protection to 2.0.8.1.

### rack-protection

* Don't track the Accept-Language header by default \ 
[#1504](https://github.com/sinatra/sinatra/pull/1504) by Artem Chistyakov

2018-09-23 19:06:28 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
www/ruby-rack-protection: update to 2.0.4

2.0.4 / 2018-09-15

* Don't blow up when passing frozen string to send_file disposition #1137 by
  Andrew Selder

* Fix ubygems LoadError #1436 by Pavel Rosický

* Unescape regex captures #1446 by Jordan Owens

* Slight performance improvements for IndifferentHash #1427 by Mike Pastore

* Improve development support and documentation and source code by Will Yang,
  Jake Craige, Grey Baker and Guilherme Goettems Schneider

2.0.3 / 2018-06-09

* Fix the backports gem regression #1442 by Marc-André Lafortune

2.0.2 / 2018-06-05

* Escape invalid query parameters #1432 by Kunpei Sakai

	o The patch fixes CVE-2018-11627.

* Fix undefined method error for Sinatra::RequiredParams with hash key #1431
  by Arpit Chauhan

* Add xml content-types to valid html_types for Rack::Protection #1413 by
  Reenan Arbitrario

* Encode route parameters using :default_encoding setting #1412 by Brian
  m. Carlson

* Fix unpredictable behaviour from Sinatra::ConfigFile #1244 by John Hope

* Add Sinatra::IndifferentHash#slice #1405 by Shota Iguchi

* Remove status code 205 from drop body response #1398 by Shota Iguchi

* Ignore empty captures from params #1390 by Shota Iguchi

* Improve development support and documentation and source code by Zp Yuan,
  Andreas Finger, Olle Jonsson, Shota Iguchi, Nikita Bulai and Joshua O'Brien

2018-03-17 16:52:27 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
www/ruby-rack-protection: update to 2.0.1

0.2.1						2018/02/16

* enhanced path validation in Windows

2018-01-08 23:09:48 by Takahiro Kambe | Files touched by this commit (2)

Log message:
www: allow use of ruby25

2017-07-31 00:32:28 by Thomas Klausner | Files touched by this commit (229)

Log message:
Switch github HOMEPAGEs to https.