diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-09-14 18:12:05 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-09-14 18:12:05 +0300 |
commit | b119503b7039d1e79b87300a145afdcd1145c2d6 (patch) | |
tree | 9977d51c4fd8177a20f1805c14f0cb6750baee1c /lib/gitlab/rack_attack.rb | |
parent | d378fdaa60adb7217e3fc798580ad206127728d5 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/rack_attack.rb')
-rw-r--r-- | lib/gitlab/rack_attack.rb | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/lib/gitlab/rack_attack.rb b/lib/gitlab/rack_attack.rb index 7db7da03925..64c2faf7d50 100644 --- a/lib/gitlab/rack_attack.rb +++ b/lib/gitlab/rack_attack.rb @@ -82,8 +82,14 @@ module Gitlab end def self.configure_throttles(rack_attack) - throttle_or_track(rack_attack, 'throttle_unauthenticated', Gitlab::Throttle.unauthenticated_options) do |req| - if req.throttle_unauthenticated? + throttle_or_track(rack_attack, 'throttle_unauthenticated_api', Gitlab::Throttle.unauthenticated_api_options) do |req| + if req.throttle_unauthenticated_api? + req.ip + end + end + + throttle_or_track(rack_attack, 'throttle_unauthenticated_web', Gitlab::Throttle.unauthenticated_web_options) do |req| + if req.throttle_unauthenticated_web? req.ip end end @@ -177,7 +183,15 @@ module Gitlab return false if dry_run_config.empty? return true if dry_run_config == '*' - dry_run_config.split(',').map(&:strip).include?(name) + dry_run_throttles = dry_run_config.split(',').map(&:strip) + + # `throttle_unauthenticated` was split into API and web, so to maintain backwards-compatibility + # this throttle name now controls both rate limits. + if dry_run_throttles.include?('throttle_unauthenticated') + dry_run_throttles += %w[throttle_unauthenticated_api throttle_unauthenticated_web] + end + + dry_run_throttles.include?(name) end def self.user_allowlist |