class Pakyow::Security::Base

Constants

SAFE_HTTP_METHODS

Public Class Methods

new(config) click to toggle source
# File lib/pakyow/security/base.rb, line 15
def initialize(config)
  @config = config
end

Public Instance Methods

allowed?(_) click to toggle source
# File lib/pakyow/security/base.rb, line 42
def allowed?(_)
  false
end
call(connection) click to toggle source
# File lib/pakyow/security/base.rb, line 19
def call(connection)
  unless safe?(connection) || allowed?(connection)
    reject(connection)
  end

  connection
end
reject(connection) click to toggle source
# File lib/pakyow/security/base.rb, line 27
def reject(connection)
  performing :reject do
    connection.logger.warn "Request rejected by #{self.class}; connection: #{connection.inspect}"

    connection.status = 403
    connection.body = StringIO.new("Forbidden")

    raise InsecureRequest
  end
end
safe?(connection) click to toggle source
# File lib/pakyow/security/base.rb, line 38
def safe?(connection)
  SAFE_HTTP_METHODS.include? connection.method
end