Created
November 30, 2018 01:31
-
-
Save joshuap/c1ff2657c150df6fb1257398b1d2716b to your computer and use it in GitHub Desktop.
Disable dangerous Redis commands in Ruby
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # config/initializers/redis.rb | |
| require 'redis' | |
| # Disables the `flushdb` and `flushall` commands. | |
| class Redis | |
| module DangerousCommands | |
| def flushdb | |
| raise 'This is EXTREMELY DANGEROUS! If you really want to EMPTY THE ENTIRE DATABASE, do it from `redis-cli`.' | |
| # You could call `super` here if you want to allow access in some circumstances. | |
| end | |
| def flushall | |
| raise 'This is EXTREMELY DANGEROUS! If you really want to FLUSH ALL DATABASES, do it from `redis-cli`.' | |
| # You could call `super` here if you want to allow access in some circumstances. | |
| end | |
| end | |
| prepend DangerousCommands | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment