Class: IPAccess::Net::HTTP
- Inherits:
-
Net::HTTP
- Object
- Net::HTTP
- IPAccess::Net::HTTP
- Includes:
- Patches::Net::HTTP
- Defined in:
- lib/ipaccess/ghost_doc/ghost_doc_net_http.rb,
lib/ipaccess/net/http.rb
Overview
Net::HTTP class with IP access control. It uses output access lists and acts the same way as Net::HTTP class but provides special member called acl
and a few new instance methods for controlling IP access.
This documentation doesn’t cover description of all class and instance methods of the original Net::HTTP class, just the patched variants that make use of IP access control.
Examples
Simple method, global access set
require 'ipaccess/net/http'
# blacklist randomseed.pl in global access set
IPAccess::Set::Global.output.blacklist 'randomseed.pl'
# call get_print
IPAccess::Net::HTTP.get_print 'randomseed.pl', '/index.html'
Simple method, shared access set
require 'ipaccess/net/http'
# create access set
acl = IPAccess::Set.new
# blacklist randomseed.pl in shared access set
acl.output.blacklist 'randomseed.pl'
call get_print with shared access set passed
IPAccess::Net::HTTP.get_print 'randomseed.pl', '/index.html', acl
Class method start, shared access set
require 'ipaccess/net/http'
require 'uri'
# create access set
acl = IPAccess::Set.new
# blacklist randomseed.pl in shared access set
acl.output.blacklist 'randomseed.pl'
# parse URI
url = URI.parse('http://randomseed.pl/index.html')
# call start passing shared access set
res = IPAccess::Net::HTTP.start(url.host, url.port, acl) { |http|
http.get("/")
}
Generic method, private access set
require 'ipaccess/net/http'
# create new GET request
req = Net::HTTP::Get.new('/index.html')
htt = IPAccess::Net::HTTP.new('randomseed.pl', # create Net::HTTP variant
80,
:private) # with private access set
htt.blacklist 'randomseed.pl' # blacklist randomseed.pl and re-check
res = htt.start { |http| # start HTTP session
http.request(req) # and send the request
}
Generic method, shared access set, single object patched
require 'ipaccess/net/http'
# create custom access set with one blacklisted IP
acl = IPAccess::Set.new
acl.output.blacklist 'randomseed.pl'
# create HTTP request and Net::HTTP object
req = Net::HTTP::Get.new("/")
htt = Net::HTTP.new(url.host, url.port)
# patch newly created object
IPAccess.arm htt, acl
# start HTTP session
res = htt.start { |http|
http.request(req)
}
Simple method, shared access set, class patched
require 'ipaccess/net/http'
# blacklist randomseed.pl in shared access set
acl = IPAccess::Set.new
acl.output.blacklist 'randomseed.pl'
# patch whole Net::HTTP class
IPAccess.arm Net::HTTP
# call get_print with passed access set
Net::HTTP.get_print 'randomseed.pl', '/index.html', acl
Constant Summary
Constants included from Patches::Net::HTTP
Patches::Net::HTTP::IPAC_KNOWN_FLAGS
Instance Attribute Summary collapse
-
#acl ⇒ Object
=== Example.
Attributes included from Patches::ACL
Class Method Summary collapse
-
.get_response ⇒ Object
:call-seq: get_response(uri_or_host, path, port, acl)
{|http| …}
|<br /> get_response(uri_or_host, path, acl){|http| …}
<br /> get_response(uri_or_host, acl){|http| …}
<br /> get_response(uri_or_host, path = nil, port = nil){|http| …}
Sends a GET request to the target and return the response as a Net::HTTPResponse object. -
.start ⇒ Object
:call-seq: start(address, acl)
{|http| …}
<br /> start(address, port, acl){|http| …}
<br /> start(address, port, p_addr, acl){|http| …}
<br /> start(address, port , p_addr, p_port, acl){|http| …}
<br /> start(address, port, p_addr, p_port, p_user, p_pass, acl){|http| …}
<br /> start(address, port = nil, p_addr = nil, p_port = nil, p_user = nil, p_pass = nil){|http| …}
.
Instance Method Summary collapse
-
#acl_recheck ⇒ Object
This method allows you to re-check access on demad.
-
#blacklist(*addresses) ⇒ Object
(also: #add_black, #deny, #block)
-
#blacklist!(*addresses) ⇒ Object
(also: #add_black!, #deny!, #block!)
-
#blacklist_reasonable(reason, *addresses) ⇒ Object
This method works like blacklist but allows to set reason.
-
#blacklist_reasonable!(reason, *addresses) ⇒ Object
This method works like blacklist! but allows to set reason.
-
#initialize(address) ⇒ HTTP
constructor
Creates a new object for the specified address.
-
#unblacklist(*addresses) ⇒ Object
(also: #unblock, #del_black)
-
#unblacklist!(*addresses) ⇒ Object
(also: #unblock!, #del_black!)
-
#unwhitelist(*addresses) ⇒ Object
(also: #del_white)
-
#unwhitelist!(*addresses) ⇒ Object
(also: #del_white!)
-
#whitelist(*addresses) ⇒ Object
-
#whitelist!(*addresses) ⇒ Object
-
#whitelist_reasonable(reason, *addresses) ⇒ Object
This method works like whitelist but allows to set reason.
-
#whitelist_reasonable!(reason, *addresses) ⇒ Object
This method works like whitelist! but allows to set reason.
Methods included from Patches::ACL
#__ipa_wrap_socket_call, #close_on_deny, #close_on_deny=, #default_list, #terminate, #valid_acl?
Constructor Details
#new(address) ⇒ HTTP #new(address, acl) ⇒ HTTP #new(address, port, acl) ⇒ HTTP #new(address, acl, *flags) ⇒ HTTP #new(address, port, acl, *flags) ⇒ HTTP
Creates a new object for the specified address. This method does not open the TCP connection. It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.
Flags are symbols that control behavior of IPAccess:
* +:opened_on_deny+ causes blocking method to leave a socket open when access is denied and a socket was re-checked
* +:check_only_proxy+ causes access checks to be applied only to a proxy server address if a proxy is in use
* +:check_only_real+ causes access check to be applied only to a destination address (and not to proxy server) if a proxy is in use
250 251 252 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 250 def initialize(address) # Real code hidden. end |
Instance Attribute Details
#acl ⇒ Object
217 218 219 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 217 def acl @acl end |
Class Method Details
.get_response ⇒ Object
:call-seq:
get_response(uri_or_host, path, port, acl) <tt>{|http| …}</tt>|<br />
get_response(uri_or_host, path, acl) <tt>{|http| …}</tt><br />
get_response(uri_or_host, acl) <tt>{|http| …}</tt><br />
get_response(uri_or_host, path = nil, port = nil) <tt>{|http| …}</tt>
Sends a GET request to the target and return the response as a Net::HTTPResponse object. The target can either be specified as (uri), or as (host, path, port = 80). It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.
291 292 293 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 291 def self.get_response # Real code hidden. end |
.start ⇒ Object
:call-seq:
start(address, acl) <tt>{|http| …}</tt><br />
start(address, port, acl) <tt>{|http| …}</tt><br />
start(address, port, p_addr, acl) <tt>{|http| …}</tt><br />
start(address, port , p_addr, p_port, acl) <tt>{|http| …}</tt><br />
start(address, port, p_addr, p_port, p_user, p_pass, acl) <tt>{|http| …}</tt><br />
start(address, port = nil, p_addr = nil, p_port = nil, p_user = nil, p_pass = nil) <tt>{|http| …}</tt>
Creates a new object and opens its TCP connection and HTTP session. If the optional block is given, the newly created Net::HTTP object is passed to it and closed when the block finishes. In this case, the return value of this method is the return value of the block. If no block is given, the return value of this method is the newly created Net::HTTP object itself, and the caller is responsible for closing it upon completion. It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.
274 275 276 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 274 def self.start # Real code hidden. end |
Instance Method Details
#acl_recheck ⇒ Object
This method allows you to re-check access on demad. It uses internal socket’s address and access set assigned to an object. It will close your communication session before throwing an exception in case of denied access – you can prevent it by setting the flag opened_on_deny
to true
. The flag can be set while initializing object (through argument :opened_on_deny
) or by setting the attribute.
228 229 230 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 228 def acl_recheck # Real code hidden. end |
#blacklist(*addresses) ⇒ Object #blacklist(list, *addresses) ⇒ Object Also known as: add_black, deny, block
154 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 154 def blacklist(*addresses); end |
#blacklist!(*addresses) ⇒ Object #blacklist!(list, *addresses) ⇒ Object Also known as: add_black!, deny!, block!
149 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 149 def blacklist!(*addresses); end |
#blacklist_reasonable(reason, *addresses) ⇒ Object
This method works like blacklist but allows to set reason.
203 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 203 def blacklist_reasonable(reason, *addresses); end |
#blacklist_reasonable!(reason, *addresses) ⇒ Object
This method works like blacklist! but allows to set reason.
199 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 199 def blacklist_reasonable!(reason, *addresses); end |
#unblacklist(*addresses) ⇒ Object #unblacklist(list, *addresses) ⇒ Object Also known as: unblock, del_black
174 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 174 def unblacklist(*addresses); end |
#unblacklist!(*addresses) ⇒ Object #unblacklist!(list, *addresses) ⇒ Object Also known as: unblock!, del_black!
169 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 169 def unblacklist!(*addresses); end |
#unwhitelist(*addresses) ⇒ Object #unwhitelist(list, *addresses) ⇒ Object Also known as: del_white
164 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 164 def unwhitelist(*addresses); end |
#unwhitelist!(*addresses) ⇒ Object #unwhitelist!(list, *addresses) ⇒ Object Also known as: del_white!
159 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 159 def unwhitelist!(*addresses); end |
#whitelist(*addresses) ⇒ Object #whitelist(list, *addresses) ⇒ Object
144 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 144 def whitelist(*addresses); end |
#whitelist!(*addresses) ⇒ Object #whitelist!(list, *addresses) ⇒ Object
139 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 139 def whitelist!(*addresses); end |
#whitelist_reasonable(reason, *addresses) ⇒ Object
This method works like whitelist but allows to set reason.
195 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 195 def whitelist_reasonable(reason, *addresses); end |
#whitelist_reasonable!(reason, *addresses) ⇒ Object
This method works like whitelist! but allows to set reason.
191 |
# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 191 def whitelist_reasonable!(reason, *addresses); end |