dtaniwaki/rack-secure-upload

Stars
75
Rank 409,991 (Top 9 %)
Language
Ruby
License
MIT License
Created almost 10 years ago
Updated almost 6 years ago

dtaniwaki/rack-secure-upload

dtaniwaki

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Upload files securely

rack-secure-upload

Upload files securely

Installation

Add the rack-secure-upload gem to your Gemfile.

gem "rack-secure-upload"

And run bundle install.

Rack App

require 'rack-secure-upload'
use Rack::SecureUpload::Middleware, :fsecure
run MyApp

Rails App

In config/application.rb

module MyApp
  class Application < Rails::Application
    config.middleware.insert_before ActionDispatch::ParamsParser, Rack::SecureUpload::Middleware, :avast
  end 
end

Options

You can add some options like below.

use Rack::SecureUpload::Middleware, :fsecure, {foo: :bar}

fallback

proc { |env, params, path| }
- use return value of proc
:raise
- raise Rack::SecureUpload::InsecureFileError |
else
- return 406

AntiVirus Softwares

Avast

Get license
Install the package

wget -c http://files.avast.com/files/linux/avast4workstation-1.3.0-1.i586.rpm
sudo yum localinstall avast4workstation-1.3.0-1.i586.rpm
avast -V # Input your license
avast-update

F-Secure

Get license (Optional)
Install the package

wget http://download.f-secure.com/webclub/f-secure-linux-security-10.00.60.tar.gz
tar xvzf f-secure-linux-security-10.00.60.tar.gz
sudo ./f-secure-linux-security-10.00.60/f-secure-linux-security-10.00.60

Test this middleware

Download eicar test file
Upload it

You can try this with sample app

Contributing

Fork it
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -am 'Add some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request

Copyright

Copyright (c) 2014 Daisuke Taniwaki. See LICENSE for details.

rack-dev-mark

Show dev mark on development env

mandriller

Mandrill SMTP API integration for ActionMailer

acts_as_hashids

Use Youtube-Like ID in ActiveRecord seamlessly.

activerecord-time-scope

Time-Related Scope for ActiveRecord

hubot-alias

Action alias for hubot

akka-pusher

Pusher meets Akka

hubot-tabelog

Pick up a restaurant to go

paperclip-deflater

Deflate Processor for Paperclip

issue-checker-for-github

Chrome Extension to check github issues assigned to you

hubot-privilege

Hubot is so smart! He can ignore you and your friends.

cron-hpa

"Cron"HorizontalPodAutoscaler

activerecord-after-transaction

Execute Procs After Transaction

ucrspawner

JupyterHub spawner for Marathon Universal Containerizer Runtime (UCR)

e2e-tester

Open source End-to-End test service

wordpress-client

Wordpress API Wrapper

git-kustomize-diff

Diff tool for Kustomize

fluent-plugin-fork

Fork output by separating values for fluentd

cluster-lending-manager

Lending Manager of Kubernetes Cluster

node-custom-console

Custom Console for Node.js

url_regexp

Generate regular expression for URL

node-env-switcher

Switch env per request

chainer-watchdog

Watchdog extension for Chainer

jupyter-env-whitelist

Hide Confidential Environment Variables from Notebooks in JupyterHub.

k8s-virtual-device-plugin

Virtual Device Plugin for Kubernetes

browserstack-screenshot-task

A sample task of browserstack screenshot API

jquery-sticky

Make any element sticky in the container

bugsnag-ruby-ext

Extension of Bugsnag Ruby Client

faraday_middleware-retry_proxy

Retry with proxy in Faraday

jquery-inserter

Chrome Extension to insert any version of jQuery to any page

paperclip_rotation

Rotation Processor For Paperclip

terraform-codepipeline-run-task

Terraform module to run a task in codepipeline

capistrano-misc

Useful tools for Capistrano 2

akka-pusher-play-app

Play application for akka pusher