Class: IPAccess::Net::HTTP

Inherits:

Net::HTTP

• Object
• Net::HTTP
• IPAccess::Net::HTTP

Includes:

Patches::Net::HTTP

Defined in:

lib/ipaccess/ghost_doc/ghost_doc_net_http.rb,
lib/ipaccess/net/http.rb

Overview

Net::HTTP class with IP access control. It uses output access lists and acts the same way as Net::HTTP class but provides special member called acl and a few new instance methods for controlling IP access.

This documentation doesn’t cover description of all class and instance methods of the original Net::HTTP class, just the patched variants that make use of IP access control.

Examples

Simple method, global access set

require 'ipaccess/net/http'

# blacklist randomseed.pl in global access set
IPAccess::Set::Global.output.blacklist 'randomseed.pl'

# call get_print
IPAccess::Net::HTTP.get_print 'randomseed.pl', '/index.html'

Simple method, shared access set

require 'ipaccess/net/http'

# create access set
acl = IPAccess::Set.new

# blacklist randomseed.pl in shared access set
acl.output.blacklist 'randomseed.pl'

call get_print with shared access set passed
IPAccess::Net::HTTP.get_print 'randomseed.pl', '/index.html', acl

Class method start, shared access set

require 'ipaccess/net/http'
require 'uri'

# create access set
acl = IPAccess::Set.new

# blacklist randomseed.pl in shared access set
acl.output.blacklist 'randomseed.pl'

# parse URI
url = URI.parse('http://randomseed.pl/index.html')

# call start passing shared access set
res = IPAccess::Net::HTTP.start(url.host, url.port, acl) { |http|
  http.get("/")
}

Generic method, private access set

require 'ipaccess/net/http'

# create new GET request
req = Net::HTTP::Get.new('/index.html')           

htt = IPAccess::Net::HTTP.new('randomseed.pl',        # create Net::HTTP variant
                              80,                     
                              :private)               # with private access set

htt.blacklist 'randomseed.pl'                         # blacklist randomseed.pl and re-check
res = htt.start { |http|                              # start HTTP session
  http.request(req)                                   # and send the request
}

Generic method, shared access set, single object patched

require 'ipaccess/net/http'

# create custom access set with one blacklisted IP
acl = IPAccess::Set.new
acl.output.blacklist 'randomseed.pl'

# create HTTP request and Net::HTTP object
req = Net::HTTP::Get.new("/")
htt = Net::HTTP.new(url.host, url.port)

# patch newly created object
IPAccess.arm htt, acl

# start HTTP session
res = htt.start { |http|
  http.request(req)
}

Simple method, shared access set, class patched

require 'ipaccess/net/http'

# blacklist randomseed.pl in shared access set
acl = IPAccess::Set.new
acl.output.blacklist 'randomseed.pl'

# patch whole Net::HTTP class
IPAccess.arm Net::HTTP

# call get_print with passed access set
Net::HTTP.get_print 'randomseed.pl', '/index.html', acl

Constant Summary

Constants included from Patches::Net::HTTP

Patches::Net::HTTP::IPAC_KNOWN_FLAGS

Instance Attribute Summary

• #acl ⇒ Object

  === Example.

Attributes included from Patches::ACL

#opened_on_deny

Class Method Summary

• .get_response ⇒ Object

  :call-seq: get_response(uri_or_host, path, port, acl) {|http| …}|<br /> get_response(uri_or_host, path, acl) {|http| …}<br /> get_response(uri_or_host, acl) {|http| …}<br /> get_response(uri_or_host, path = nil, port = nil) {|http| …} Sends a GET request to the target and return the response as a Net::HTTPResponse object.

• .start ⇒ Object

  :call-seq: start(address, acl) {|http| …}<br /> start(address, port, acl) {|http| …}<br /> start(address, port, p_addr, acl) {|http| …}<br /> start(address, port , p_addr, p_port, acl) {|http| …}<br /> start(address, port, p_addr, p_port, p_user, p_pass, acl) {|http| …}<br /> start(address, port = nil, p_addr = nil, p_port = nil, p_user = nil, p_pass = nil) {|http| …}.

Instance Method Summary

• #acl_recheck ⇒ Object

  This method allows you to re-check access on demad.

• #blacklist(*addresses) ⇒ Object (also: #add_black, #deny, #block)

• #blacklist!(*addresses) ⇒ Object (also: #add_black!, #deny!, #block!)

• #blacklist_reasonable(reason, *addresses) ⇒ Object

  This method works like blacklist but allows to set reason.

• #blacklist_reasonable!(reason, *addresses) ⇒ Object

  This method works like blacklist! but allows to set reason.

• #initialize(address) ⇒ HTTP constructor

  Creates a new object for the specified address.

• #unblacklist(*addresses) ⇒ Object (also: #unblock, #del_black)

• #unblacklist!(*addresses) ⇒ Object (also: #unblock!, #del_black!)

• #unwhitelist(*addresses) ⇒ Object (also: #del_white)

• #unwhitelist!(*addresses) ⇒ Object (also: #del_white!)

• #whitelist(*addresses) ⇒ Object

• #whitelist!(*addresses) ⇒ Object

• #whitelist_reasonable(reason, *addresses) ⇒ Object

  This method works like whitelist but allows to set reason.

• #whitelist_reasonable!(reason, *addresses) ⇒ Object

  This method works like whitelist! but allows to set reason.

Methods included from Patches::ACL

#__ipa_wrap_socket_call, #close_on_deny, #close_on_deny=, #default_list, #terminate, #valid_acl?

Constructor Details

#new(address) ⇒ HTTP #new(address, acl) ⇒ HTTP #new(address, port, acl) ⇒ HTTP #new(address, acl, *flags) ⇒ HTTP #new(address, port, acl, *flags) ⇒ HTTP

Creates a new object for the specified address. This method does not open the TCP connection. It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.

Flags are symbols that control behavior of IPAccess:

* +:opened_on_deny+ causes blocking method to leave a socket open when access is denied and a socket was re-checked
* +:check_only_proxy+ causes access checks to be applied only to a proxy server address if a proxy is in use
* +:check_only_real+ causes access check to be applied only to a destination address (and not to proxy server) if a proxy is in use

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 250

def initialize(address)
  # Real code hidden.
end

Instance Attribute Details

#acl ⇒ Object

Example

require 'ipaccess/net/http'                         # load Net::HTTP variant

http = IPAccess::Net::HTTP.new('randomseed.pl', 80) # create HTTP object

http.acl = :global                      # use global access set
http.acl = :private                     # create and use individual access set
http.acl = IPAccess::Set.new                 # use external (shared) access set

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 217

def acl
  @acl
end

Class Method Details

.get_response ⇒ Object

:call-seq:

get_response(uri_or_host, path, port, acl) <tt>{|http| …}</tt>|<br />
get_response(uri_or_host, path, acl) <tt>{|http| …}</tt><br />
get_response(uri_or_host, acl) <tt>{|http| …}</tt><br />
get_response(uri_or_host, path = nil, port = nil) <tt>{|http| …}</tt>

Sends a GET request to the target and return the response as a Net::HTTPResponse object. The target can either be specified as (uri), or as (host, path, port = 80). It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 291

def self.get_response
  # Real code hidden.
end

.start ⇒ Object

:call-seq:

start(address, acl) <tt>{|http| …}</tt><br />
start(address, port, acl) <tt>{|http| …}</tt><br />
start(address, port, p_addr, acl) <tt>{|http| …}</tt><br />
start(address, port , p_addr, p_port, acl) <tt>{|http| …}</tt><br />
start(address, port, p_addr, p_port, p_user, p_pass, acl) <tt>{|http| …}</tt><br />
start(address, port = nil, p_addr = nil, p_port = nil, p_user = nil, p_pass = nil) <tt>{|http| …}</tt>

Creates a new object and opens its TCP connection and HTTP session. If the optional block is given, the newly created Net::HTTP object is passed to it and closed when the block finishes. In this case, the return value of this method is the return value of the block. If no block is given, the return value of this method is the newly created Net::HTTP object itself, and the caller is responsible for closing it upon completion. It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 274

def self.start
  # Real code hidden.
end

Instance Method Details

#acl_recheck ⇒ Object

This method allows you to re-check access on demad. It uses internal socket’s address and access set assigned to an object. It will close your communication session before throwing an exception in case of denied access – you can prevent it by setting the flag opened_on_deny to true. The flag can be set while initializing object (through argument :opened_on_deny) or by setting the attribute.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 228

def acl_recheck
  # Real code hidden.
end

#blacklist(*addresses) ⇒ Object #blacklist(list, *addresses) ⇒ Object Also known as: add_black, deny, block

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 154

def blacklist(*addresses); end

#blacklist!(*addresses) ⇒ Object #blacklist!(list, *addresses) ⇒ Object Also known as: add_black!, deny!, block!

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 149

def blacklist!(*addresses); end

#blacklist_reasonable(reason, *addresses) ⇒ Object

This method works like blacklist but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 203

def blacklist_reasonable(reason, *addresses); end

#blacklist_reasonable!(reason, *addresses) ⇒ Object

This method works like blacklist! but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 199

def blacklist_reasonable!(reason, *addresses); end

#unblacklist(*addresses) ⇒ Object #unblacklist(list, *addresses) ⇒ Object Also known as: unblock, del_black

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 174

def unblacklist(*addresses); end

#unblacklist!(*addresses) ⇒ Object #unblacklist!(list, *addresses) ⇒ Object Also known as: unblock!, del_black!

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 169

def unblacklist!(*addresses); end

#unwhitelist(*addresses) ⇒ Object #unwhitelist(list, *addresses) ⇒ Object Also known as: del_white

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 164

def unwhitelist(*addresses); end

#unwhitelist!(*addresses) ⇒ Object #unwhitelist!(list, *addresses) ⇒ Object Also known as: del_white!

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 159

def unwhitelist!(*addresses); end

#whitelist(*addresses) ⇒ Object #whitelist(list, *addresses) ⇒ Object

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 144

def whitelist(*addresses); end

#whitelist!(*addresses) ⇒ Object #whitelist!(list, *addresses) ⇒ Object

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 139

def whitelist!(*addresses); end

#whitelist_reasonable(reason, *addresses) ⇒ Object

This method works like whitelist but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 195

def whitelist_reasonable(reason, *addresses); end

#whitelist_reasonable!(reason, *addresses) ⇒ Object

This method works like whitelist! but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 191

def whitelist_reasonable!(reason, *addresses); end