Faster
Update dnsbl_check plugin to latest version. Update Maruku to latest version. In the wiki_controller, only apply the dnsbl_check before_filter to the :edit, :new, and :save actions, instead of all actions. This makes mundane "show" requests faster, but does not compromise spam-fighting ability.
This commit is contained in:
parent
9237858256
commit
5d2b0da4d5
10 changed files with 61 additions and 25 deletions
|
@ -2,6 +2,7 @@ class AdminController < ApplicationController
|
|||
|
||||
layout 'default'
|
||||
cache_sweeper :web_sweeper
|
||||
before_filter :dnsbl_check
|
||||
|
||||
def create_system
|
||||
if @wiki.setup?
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
class ApplicationController < ActionController::Base
|
||||
# require 'dnsbl_check'
|
||||
protect_forms_from_spam
|
||||
before_filter :dnsbl_check, :connect_to_model, :check_authorization, :setup_url_generator, :set_content_type_header, :set_robots_metatag
|
||||
before_filter :connect_to_model, :check_authorization, :setup_url_generator, :set_content_type_header, :set_robots_metatag
|
||||
after_filter :remember_location, :teardown_url_generator
|
||||
|
||||
# For injecting a different wiki model implementation. Intended for use in tests
|
||||
|
|
|
@ -7,7 +7,7 @@ class FileController < ApplicationController
|
|||
|
||||
layout 'default'
|
||||
|
||||
before_filter :check_allow_uploads
|
||||
before_filter :dnsbl_check, :check_allow_uploads
|
||||
|
||||
def file
|
||||
@file_name = params['id']
|
||||
|
|
|
@ -7,6 +7,7 @@ require 'resolv'
|
|||
class WikiController < ApplicationController
|
||||
|
||||
before_filter :load_page
|
||||
before_filter :dnsbl_check, :only => [:edit, :new, :save]
|
||||
caches_action :show, :published, :authors, :tex, :s5, :print, :recently_revised, :list,
|
||||
:atom_with_content, :atom_with_headlines, :if => Proc.new { |c| c.send(:do_caching?) }
|
||||
cache_sweeper :revision_sweeper
|
||||
|
|
|
@ -602,6 +602,21 @@ class WikiControllerTest < Test::Unit::TestCase
|
|||
assert !home_page.locked?(Time.now)
|
||||
end
|
||||
|
||||
def test_dnsbl_filter_deny_action
|
||||
@request.remote_addr = "127.0.0.2"
|
||||
r = process 'save', 'web' => 'wiki1', 'id' => 'NewPage', 'content' => "Contents of a new page\r\n",
|
||||
'author' => 'AuthorOfNewPage'
|
||||
|
||||
assert_equal 403, r.response_code
|
||||
end
|
||||
|
||||
def test_dnsbl_filter_allow_action
|
||||
@request.remote_addr = "127.0.0.2"
|
||||
r = process 'show', 'id' => 'Oak', 'web' => 'wiki1'
|
||||
assert_response :success
|
||||
assert_tag :content => /All about oak/
|
||||
end
|
||||
|
||||
def test_spam_filters
|
||||
revisions_before = @home.revisions.size
|
||||
@home.lock(Time.now, 'AnAuthor')
|
||||
|
|
33
vendor/plugins/dnsbl_check/README
vendored
33
vendor/plugins/dnsbl_check/README
vendored
|
@ -1,6 +1,7 @@
|
|||
This plugin checks if the client is listed in RBLs (Real-time Blackhole Lists).
|
||||
These are lists of IP addresses misbehaving. There are many RBLs, some are more
|
||||
aggressive than others. More information at http://en.wikipedia.org/wiki/DNSBL
|
||||
This plugin checks if a user of your web application is listed in DNSBLs
|
||||
(DNS Blackhole Lists). These are lists of misbehaving IP addresses.
|
||||
There are many DNSBLs, some are more aggressive than others.
|
||||
More information at http://en.wikipedia.org/wiki/DNSBL
|
||||
|
||||
This filter will result in one DNS request for every blocklist that you have
|
||||
configured. This might be problematic for sites under heavy load, although this
|
||||
|
@ -10,23 +11,23 @@ request takes a few miliseconds to complete, after all.
|
|||
|
||||
INSTALLATION
|
||||
|
||||
1. Download dnsbl_check-(version).tar.gz. You agree to the license.
|
||||
2. Go to your application's 'vendor/plugins' directory
|
||||
3. Untar (un-winzip) the above file: tar xvfz dnsbl_check.tar.gz
|
||||
4. Restart your application.
|
||||
1. execute "script/plugin install http://www.spacebabies.nl/svn/dnsbl_check"
|
||||
2. add "before_filter :dnsbl_check" to controllers that need checking
|
||||
3. restart your application.
|
||||
|
||||
|
||||
VERSION HISTORY
|
||||
|
||||
0.1 18 June 2006 Initial release
|
||||
0.2 10 June 2006 Renamed to dnsbl_check, bugfix
|
||||
0.3 20 June 2006 Removed sorbs from distribution, was not supposed to be included (too aggressive)
|
||||
0.4 18 July 2006 Explicit return false added, moved to a per-controller basis (not global anymore)
|
||||
1.0 16 August 2006 Renamed 0.4 to 1.0. I have been using the plugin very succesfully for months now.
|
||||
1.1 17 October 2006 Multithreaded version
|
||||
1.2 23 October 2006 Using the native Ruby resolver library for better multithreaded support
|
||||
1.2.1 25 October 2006 Accepts a wider range of dns responses
|
||||
1.2.2 11 December 2006 dnsbls are seemingly under attack, added code to cope with failing service
|
||||
0.1 18 June 2006 Initial release
|
||||
0.2 10 June 2006 Renamed to dnsbl_check, bugfix
|
||||
0.3 20 June 2006 Removed sorbs from distribution, was not supposed to be included (too aggressive)
|
||||
0.4 18 July 2006 Explicit return false added, moved to a per-controller basis (not global anymore)
|
||||
1.0 16 August 2006 Renamed 0.4 to 1.0. I have been using the plugin very succesfully for months now.
|
||||
1.1 17 October 2006 Multithreaded version
|
||||
1.2 23 October 2006 Using the native Ruby resolver library for better multithreaded support
|
||||
1.2.1 25 October 2006 Accepts a wider range of dns responses
|
||||
1.2.2 11 December 2006 dnsbls are seemingly under attack, added code to cope with failing service
|
||||
1.3 30 November 2007 Chique 403 template, moved to Subversion based installation
|
||||
|
||||
|
||||
MORE INFORMATION
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
||||
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
#
|
||||
# Version 1.2
|
||||
# Version 1.3
|
||||
# http://www.spacebabies.nl/dnsbl_check
|
||||
require 'resolv'
|
||||
|
||||
|
@ -27,6 +27,7 @@ module DNSBL_Check
|
|||
private
|
||||
# Filter to check if the client is listed. This will be run before all requests.
|
||||
def dnsbl_check
|
||||
return true if respond_to?(:logged_in?) && logged_in?
|
||||
return true if $dnsbl_passed.include? request.remote_addr
|
||||
|
||||
passed = true
|
||||
|
@ -48,7 +49,8 @@ module DNSBL_Check
|
|||
|
||||
# Add client ip to global passed cache if no dnsbls objected. else deny service.
|
||||
if passed
|
||||
$dnsbl_passed = $dnsbl_passed[0,49].unshift request.remote_addr
|
||||
# $dnsbl_passed = $dnsbl_passed[0,99].unshift request.remote_addr
|
||||
$dnsbl_passed.push request.remote_addr
|
||||
logger.warn("#{request.remote_addr} added to DNSBL passed cache")
|
||||
else
|
||||
render :text => 'Access denied', :status => 403
|
||||
|
|
6
vendor/plugins/maruku/AUTHORS
vendored
6
vendor/plugins/maruku/AUTHORS
vendored
|
@ -1,9 +1,11 @@
|
|||
Authors:
|
||||
Code and patches from:
|
||||
|
||||
* [Andrea Censi](http://www.dis.uniroma1.it/~acensi)
|
||||
* [Jacques Distler](http://golem.ph.utexas.edu/~distler)
|
||||
* Paul Dlug
|
||||
* [Ari Stern](http://www.acm.caltech.edu/~astern)
|
||||
* Damir Zekic (z3c)
|
||||
* Alexandr Mankuta (cheba)
|
||||
|
||||
Bug reporting, feature requests and praise:
|
||||
|
||||
|
@ -12,6 +14,6 @@ Bug reporting, feature requests and praise:
|
|||
* Aggelos Orfanakos
|
||||
* Louis Marascio
|
||||
* Elliot Cable
|
||||
|
||||
* ....
|
||||
|
||||
(if you think your name should be here, I probably forgot to add it: tell me!)
|
||||
|
|
17
vendor/plugins/maruku/lib/maruku/ext/div.rb
vendored
17
vendor/plugins/maruku/lib/maruku/ext/div.rb
vendored
|
@ -1,7 +1,20 @@
|
|||
|
||||
|
||||
OpenDiv = /^[ ]{0,3}\+\-\-+\s*(.*)$/
|
||||
CloseDiv = /^[ ]{0,3}\=\-\-+\s*(.*)$/
|
||||
#+-----------------------------------{.warning}------
|
||||
#| this is the last warning!
|
||||
#|
|
||||
#| please, go away!
|
||||
#|
|
||||
#| +------------------------------------- {.menace} --
|
||||
#| | or else terrible things will happen
|
||||
#| +--------------------------------------------------
|
||||
#+---------------------------------------------------
|
||||
|
||||
OpenDiv = /^[ ]{0,3}\+\-\-+\s*(\{([^{}]*|".*"|'.*')*\})?\s*\-*\s*$/
|
||||
CloseDiv = /^[ ]{0,3}\=\-\-+\s*(\{([^{}]*|".*"|'.*')*\})?\s*\-*\s*$/
|
||||
# note these are not enough for parsing the above example:
|
||||
#OpenDiv = /^[ ]{0,3}\+\-\-+\s*(.*)$/
|
||||
#CloseDiv = /^[ ]{0,3}\=\-\-+\s*(.*)$/
|
||||
StartPipe = /^[ ]{0,3}\|(.*)$/ # $1 is rest of line
|
||||
DecorativeClosing = OpenDiv
|
||||
|
||||
|
|
|
@ -442,7 +442,8 @@ module MaRuKu; module In; module Markdown; module SpanLevelParser
|
|||
SPACE = ?\ # = 32
|
||||
|
||||
# R_REF_ID = Regexp.compile(/([^\]\s]*)(\s*\])/)
|
||||
R_REF_ID = Regexp.compile(/([^\]\s]*)(\s*\])/)
|
||||
# R_REF_ID = Regexp.compile(/([^\]\s]*)(\s*\])/)
|
||||
R_REF_ID = Regexp.compile(/([^\]]*)\]/)
|
||||
|
||||
# Reads a bracketed id "[refid]". Consumes also both brackets.
|
||||
def read_ref_id(src, con)
|
||||
|
|
Loading…
Reference in a new issue