Sha256: bce2148439a9f1291bf541272ab2ff38b584aacd16eb72b7d1d49a59b78dbaf8
Contents?: true
Size: 823 Bytes
Versions: 2
Compression:
Stored size: 823 Bytes
Contents
# frozen_string_literal: true
module Toycol
module Helper
def logger(message)
puts "[Toycol] #{message}"
end
private
def safe_execution!(&block)
safe_executionable_tp.enable(&block)
end
def safe_executionable_tp
@safe_executionable_tp ||= TracePoint.new(:script_compiled) do |tp|
if tp.binding.receiver == Protocol && tp.method_id.to_s.match?(unauthorized_methods_regex)
raise UnauthorizeError, <<~ERROR
- Unauthorized method was called!
You can't use methods that may cause injections in your protocol.
Ex. Kernel.#eval, Kernel.#exec, Kernel.#require and so on.
ERROR
end
end
end
def unauthorized_methods_regex
/(.*eval|.*exec|`.+|%x\(|system|open|require|load)/
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| toycol-1.0.0 | lib/toycol/helper.rb |
| toycol-0.3.1 | lib/toycol/helper.rb |