diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-26 14:09:19 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-26 14:09:19 +0300 |
commit | 3d7b56c54620b0ff31a3a455144bf4fef2377c17 (patch) | |
tree | b8ebaabc569670a9f561fc7c5c762e8ec9cf4487 /config | |
parent | 4d477238500c347c6553d335d920bedfc5a46869 (diff) |
Add latest changes from gitlab-org/gitlab@12-4-stable-ee
Diffstat (limited to 'config')
-rw-r--r-- | config/initializers/rack_attack_new.rb | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/config/initializers/rack_attack_new.rb b/config/initializers/rack_attack_new.rb index b0f7febe427..50f9d7971cc 100644 --- a/config/initializers/rack_attack_new.rb +++ b/config/initializers/rack_attack_new.rb @@ -59,7 +59,8 @@ class Rack::Attack end throttle('throttle_unauthenticated_protected_paths', Gitlab::Throttle.protected_paths_options) do |req| - Gitlab::Throttle.protected_paths_enabled? && + req.post? && + Gitlab::Throttle.protected_paths_enabled? && req.unauthenticated? && !req.should_be_skipped? && req.protected_path? && @@ -67,14 +68,16 @@ class Rack::Attack end throttle('throttle_authenticated_protected_paths_api', Gitlab::Throttle.protected_paths_options) do |req| - Gitlab::Throttle.protected_paths_enabled? && + req.post? && + Gitlab::Throttle.protected_paths_enabled? && req.api_request? && req.protected_path? && req.authenticated_user_id([:api]) end throttle('throttle_authenticated_protected_paths_web', Gitlab::Throttle.protected_paths_options) do |req| - Gitlab::Throttle.protected_paths_enabled? && + req.post? && + Gitlab::Throttle.protected_paths_enabled? && req.web_request? && req.protected_path? && req.authenticated_user_id([:api, :rss, :ics]) |