Skip to content

Instantly share code, notes, and snippets.

@postmodern
Created October 12, 2009 00:06
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save postmodern/207984 to your computer and use it in GitHub Desktop.
Save postmodern/207984 to your computer and use it in GitHub Desktop.
A Rack middleware app to spoof the Server header.
module Rack
#
# The LieServer is a simple Rack middleware app which allows one to spoof
# the +Server+ header in responses for every request, requests to certain
# sub-directories or paths which match a regular expression.
#
# Be deceitful to would be attackers, tell them your running IIS 3.0.
#
# MIT License - Hal Brodigan (postmodern.mod3 at gmail.com)
#
class LieServer
#
# Initializes the lie server.
#
# @param [#call] app
# The Rack app to lie for.
#
# @param [Hash{Regexp,String => String}] options
# Additional lie options.
#
# @example
# use Rack::LieServer, '/' => 'IIS 3.0'
#
# @example
# use Rack::LieServer, /\.asp$/ => 'Apache',
# '/' => 'Nginx'
#
def initialize(app,options={})
@app = app
patterns = []
paths = {}
options.each do |pattern,lie|
if pattern.kind_of?(Regexp)
patterns << [pattern, lie]
else
paths[pattern] = lie
end
end
@routes = patterns + paths.sort.reverse
end
def call(env)
code, headers, body = @app.call(env)
path = env['PATH_INFO']
pattern, lie = @routes.find do |pattern,lie|
if pattern.kind_of?(Regexp)
path =~ pattern
else
path[0,pattern.length] == pattern
end
end
headers['Server'] = lie if lie
[code, headers, body]
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment