Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

SafeSymbol might protect you form DoS attack.

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 lib
Octocat-spinner-32 test
Octocat-spinner-32 var
Octocat-spinner-32 .gemspec
Octocat-spinner-32 .index
Octocat-spinner-32 .travis.yml
Octocat-spinner-32 HISTORY.md
Octocat-spinner-32 README.md
Octocat-spinner-32 Rakefile
README.md

SafeSymbol

Website / Report Issue / Source Code

About

Well, there is a lot of talk about DoS attacks via Symbol creation becuase Symbols are not garbage collected. So I figure the easiest course of action is to head them off at the pass by replacing Symbol with a normal class that mimics Symbol in every way.

Usage

SafeSymbol Class

SafeSymbols can be create via SafeSymbol.new or more conveniently via the SafeSymbol() Kernel method.

SafeSymbol.new('sample')

SafeSymbol('sample')

The later is more forgiving, whereas the former will only take a string.

SafeSymbol.new(:sample)  #=> TypeError

Extensions

The extensions.rb script will override all #to_sym and #intern methods to always return a SafeSymbol instead of the usual Symbol.

require 'safe_symbol/extensions'

"sample".to_sym  #=> SafeSymbol("sample")

Refinements

The refinements.rb script works just like the extensions but ecapsulates the overrides in a refinement module.

require 'safe_symbol/refinements'

using SafeSymbol::Refinements

"sample".to_sym  #=> SafeSymbol("sample")

Copyrights

Copyright (c) 2013 Rubyworks

SafeSymbol is modifiable and redistributable in accordance to the BSD-2-Clause license.

Something went wrong with that request. Please try again.