docs: add remaining docs for classes in app/logical.

2021-06-23 20:32:59 -05:00
parent c6855261fe
commit 00ca7526bb
47 changed files with 705 additions and 25 deletions
--- a/app/logical/validating_socket.rb
+++ b/app/logical/validating_socket.rb
@@ -1,6 +1,9 @@
-# A TCPSocket wrapper that disallows connections to local or private IPs. Used for SSRF protection.
-# https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
-
+# A TCPSocket wrapper that disallows connections to local or private IPs. Used
+# by {Danbooru::Http} to prevent server-side request forgery (SSRF) attacks. For
+# example, if we try to download an image from http://example.com/image.jpg, but
+# example.com resolves to 127.0.0.1, then the request is prohibited.
+#
+# @see https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
 require "resolv"

 class ValidatingSocket < TCPSocket