class Rack::PactBroker::InvalidUriProtection

Constants

CONSECUTIVE_SLASH

Attributes

app[R]

Public Class Methods

new(app) click to toggle source
# File lib/rack/pact_broker/invalid_uri_protection.rb, line 17
def initialize app
  @app = app
end

Public Instance Methods

call(env) click to toggle source
# File lib/rack/pact_broker/invalid_uri_protection.rb, line 21
def call env
  if (uri = valid_uri?(env))
    if (error_message = validate(uri))
      [422, headers, [body(env, error_message, "Unprocessable", "invalid-request-parameter-value", 422)]]
    else
      app.call(env)
    end
  else
    [404, headers, [body(env, "Empty path component found", "Not Found", "not-found", 404)]]
  end
end

Private Instance Methods

body(env, detail, title, type, status) click to toggle source
# File lib/rack/pact_broker/invalid_uri_protection.rb, line 64
def body(env, detail, title, type, status)
  env["pactbroker.application_context"]
    .decorator_configuration
    .class_for(:custom_error_problem_json_decorator)
    .new(detail: detail, title: title, type: type, status: status)
    .to_json(user_options: { base_url: env["pactbroker.base_url"] })
end
headers() click to toggle source
# File lib/rack/pact_broker/invalid_uri_protection.rb, line 60
def headers
  {"Content-Type" => "application/problem+json"}
end
parse(uri) click to toggle source
# File lib/rack/pact_broker/invalid_uri_protection.rb, line 47
def parse uri
  URI.parse(uri)
end
valid_uri?(env) click to toggle source
# File lib/rack/pact_broker/invalid_uri_protection.rb, line 37
def valid_uri? env
  begin
    uri = parse(::Rack::Request.new(env).url)
    return nil if CONSECUTIVE_SLASH.match(uri.path)
    uri
  rescue URI::InvalidURIError, ArgumentError
    nil
  end
end
validate(uri) click to toggle source
# File lib/rack/pact_broker/invalid_uri_protection.rb, line 51
def validate(uri)
  decoded_path = URI.decode_www_form_component(uri.path)
  if decoded_path.include?("\n")
    message("errors.new_line_in_url_path")
  elsif decoded_path.include?("\t")
    message("errors.tab_in_url_path")
  end
end