View on GitHub

SafeSymbol

SafeSymbol, maybe it protects you from DoS attack

Download this project as a .zip file Download this project as a tar.gz file

SafeSymbol

Website / Report Issue / Source Code

About

Well, there is a lot of talk about DoS attacks via Symbol creation becuase Symbols are not garbage collected. So I figure the easiest course of action is to head them off at the pass by replacing Symbol with a normal class that mimics Symbol in every way.

Usage

SafeSymbol Class

SafeSymbols can be create via SafeSymbol.new or more conveniently via the SafeSymbol() Kernel method.

SafeSymbol.new('sample')

SafeSymbol('sample')

The later is more forgiving, whereas the former will only take a string.

SafeSymbol.new(:sample)  #=> TypeError

Extensions

The extensions.rb script will override all #to_sym and #intern methods to always return a SafeSymbol instead of the usual Symbol.

require 'safe_symbol/extensions'

"sample".to_sym  #=> SafeSymbol("sample")

Refinements

The refinements.rb script works just like the extensions but ecapsulates the overrides in a refinement module.

require 'safe_symbol/refinements'

using SafeSymbol::Refinements

"sample".to_sym  #=> SafeSymbol("sample")

Copyrights

Copyright (c) 2013 Rubyworks

SafeSymbol is modifiable and redistributable in accordance to the BSD-2-Clause license.