Merge branch 'master' of github.com:domify/registry

2025-07-24 03:30:33 +02:00 · 2015-07-13 18:35:11 +03:00 · 2015-07-13 18:35:11 +03:00 · 8199b9986b
commit 8199b9986b
parent 48fc21ee65 efe12c9cd4
4 changed files with 7 additions and 3 deletions
--- a/app/controllers/epp/sessions_controller.rb
+++ b/app/controllers/epp/sessions_controller.rb
@ -13,7 +13,7 @@ class Epp::SessionsController < EppController
    success = true
    @api_user = ApiUser.find_by(login_params)

-    if request.ip == ENV['webclient_ip'] && !Rails.env.test?
+    if request.ip == ENV['webclient_ip'] && (!Rails.env.test? || !Rails.env.development?)
      client_md5 = Certificate.parse_md_from_string(request.env['HTTP_SSL_CLIENT_CERT'])
      server_md5 = Certificate.parse_md_from_string(File.read(ENV['cert_path']))
      if client_md5 != server_md5
--- a/app/controllers/epp_controller.rb
+++ b/app/controllers/epp_controller.rb
@ -309,7 +309,7 @@ class EppController < ApplicationController

    # filter pw
    if request_command == 'login' && frame.present?
-      frame.gsub!(/<pw>.+<\/pw>/, '<pw>[FILTERED]</pw>')
+      frame.gsub!(/pw>.+<\//, 'pw>[FILTERED]</')
    end

    ApiLog::EppLog.create({
--- a/config/initializers/filter_parameter_logging.rb
+++ b/config/initializers/filter_parameter_logging.rb
@ -2,3 +2,7 @@

 # Configure sensitive parameters which will be filtered from the log file.
 Rails.application.config.filter_parameters += [:password]
+
+Rails.application.config.filter_parameters << lambda do |key, value|
+  value.gsub!(/pw>.+<\//, 'pw>[FILTERED]</') if key =~ /frame|raw_frame/i
+end
--- a/doc/repp-doc.md
+++ b/doc/repp-doc.md
@ -10,7 +10,7 @@ To quickly test the API, use curl:

    curl -q -k --cert user.crt.pem --key user.key.pem https://TBA/repp/v1/accounts/balance -u username:password

-Test API endpoint: TBA  
+Test API endpoint: https://testepp.internet.ee/repp/v1  
 Production API endpoint: TBA

 Main communication specification through Restful EPP (REPP):