-
-
Save MahmoudAgamy/6fc21396f073332f85f2079ccca322de to your computer and use it in GitHub Desktop.
Disable dangerous Redis commands in Ruby
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # config/initializers/redis.rb | |
| require 'redis' | |
| # Disables the `flushdb` and `flushall` commands. | |
| class Redis | |
| module DangerousCommands | |
| def flushdb | |
| raise 'This is EXTREMELY DANGEROUS! If you really want to EMPTY THE ENTIRE DATABASE, do it from `redis-cli`.' | |
| # You could call `super` here if you want to allow access in some circumstances. | |
| end | |
| def flushall | |
| raise 'This is EXTREMELY DANGEROUS! If you really want to FLUSH ALL DATABASES, do it from `redis-cli`.' | |
| # You could call `super` here if you want to allow access in some circumstances. | |
| end | |
| end | |
| prepend DangerousCommands | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment