class Rack::Cleanser::ParamLengthLimiter

Attributes

env[R]

Public Class Methods

new(name, options, block)
# File lib/rack/cleanser/param_length_limiter.rb, line 12
# Builds a limiter.
#
# name    - identifier for this limiter; only stored here.
# options - Hash; options[:default] is the fallback maximum length. A nil or
#           false value falls back to 2048.
# block   - callable invoked with the request env to compute a per-request
#           limit (see #max_length).
#
# NOTE(review): options[:default] is not type-checked here; a non-Integer
# value would only surface when a length comparison runs. Confirm callers
# always pass an Integer.
def initialize(name, options, block)
  fallback = 2048
  @name = name
  @default_max_length = options[:default] || fallback
  @block = block
end

Public Instance Methods

[](env)
# File lib/rack/cleanser/param_length_limiter.rb, line 67
# Runs the length check for one request.
#
# Stores +env+ on the instance and delegates to #scrub!, so the return value
# and any raised exception are whatever #scrub! produces.
#
# NOTE(review): the request env is kept in an instance variable. If a single
# limiter object is used for concurrent requests, one call could observe
# another call's env. Confirm how instances are shared.
def [](env)
  @env = env
  scrub!
end
check_val(val)
# File lib/rack/cleanser/param_length_limiter.rb, line 36
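# Raises RequestTooLargeException when a parameter value is longer than
# #max_length characters.
#
# val - a parsed parameter value. Strings are measured with String#length
#       (characters, not bytes). Arrays are checked element by element,
#       because a query-string parser collects repeated keys into an Array
#       and those values would otherwise pass without any length check.
#       Anything else (nil, numbers, ...) is ignored.
#
# Returns nil when the value is acceptable.
def check_val(val)
  case val
  when String
    # Resolve the limit once: #max_length invokes the user-supplied block.
    limit = max_length
    return unless val.length > limit

    # The comparison is strict, so the message reports ">" rather than ">=".
    raise RequestTooLargeException, "#{val.length} > #{limit}"
  when Array
    val.each { |item| check_val(item) }
    nil
  end
end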
filter_exceptions()
# File lib/rack/cleanser/param_length_limiter.rb, line 20
# Tells whether the current request body should be parsed and checked.
#
# Returns true unless CONTENT_TYPE starts with "multipart/form-data" and
# carries a boundary parameter; a missing header also yields true.
# The match is case-sensitive.
#
# Caveat: #scrub! parses the body only when this returns true, so
# multipart/form-data bodies are not length-checked by this class.
def filter_exceptions
  multipart_with_boundary = %r{\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?}n
  content_type = env["CONTENT_TYPE"]
  content_type !~ multipart_with_boundary
end
max_length()

The default of 2048 is arbitrary. Lengths are measured in characters (String#length), not bytes.

# File lib/rack/cleanser/param_length_limiter.rb, line 26
# Maximum allowed value length, in characters, for the current request.
#
# Calls the configured block with the request env. An Integer result is used
# as the limit; any other result (nil, String, ...) selects the default given
# at construction time.
#
# NOTE(review): an Integer of zero or less is returned as-is, which would
# make every non-empty String fail the check. Confirm that is intended.
def max_length
  limit = @block.call(env)
  limit.is_a?(Integer) ? limit : @default_max_length
end
scrub!()
# File lib/rack/cleanser/param_length_limiter.rb, line 45
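# Parses the request body as a "&"-separated query string and checks every
# value with #check_val.
#
# The body is read only when #filter_exceptions allows it. Exempt requests
# (multipart/form-data with a boundary) return early without being read, so
# an upload that is never inspected is not buffered into a String.
# The input is rewound in every case so downstream consumers start from the
# beginning of the body.
#
# Coverage notes: only env["rack.input"] is inspected here; the URL query
# string is not read. The non-exempt body is still read in full before any
# length check runs, so an overall body-size cap has to be enforced
# elsewhere.
#
# Raises whatever #check_val raises for an over-long value.
def scrub!
  input = env["rack.input"]
  return unless filter_exceptions

  params = Rack::Utils.parse_query(input.read, "&")
  traverse_hash(params) { |val| check_val(val) }
ensure
  input.rewind
end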
traverse_hash(hash_or_not) { |hash_or_not| ... }

Recursively traverse values of given Hash with given block.

# File lib/rack/cleanser/param_length_limiter.rb, line 57
# Walks a possibly nested Hash and yields every non-Hash value to the block.
#
# hash_or_not - a Hash, or any other object. Hash keys are ignored; only
#               values are visited. Non-Hash objects, including Arrays, are
#               yielded as they are and not descended into.
#
# Returns the Hash itself for Hash input, otherwise the block's result.
def traverse_hash(hash_or_not, &blk)
  return yield(hash_or_not) unless hash_or_not.is_a?(Hash)

  hash_or_not.each_pair { |_key, value| traverse_hash(value, &blk) }
end