diff options
Diffstat (limited to 'lib/gitlab/rack_attack/request.rb')
| -rw-r--r-- | lib/gitlab/rack_attack/request.rb | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/lib/gitlab/rack_attack/request.rb b/lib/gitlab/rack_attack/request.rb index d7abacb5b67..a03116f5bb2 100644 --- a/lib/gitlab/rack_attack/request.rb +++ b/lib/gitlab/rack_attack/request.rb @@ -71,6 +71,10 @@ module Gitlab matches?(protected_paths_regex) end + def get_request_protected_path? + matches?(protected_paths_for_get_request_regex) + end + def throttle?(throttle, authenticated:) fragment = Gitlab::Throttle.throttle_fragment!(throttle, authenticated: authenticated) @@ -133,6 +137,28 @@ module Gitlab Gitlab::Throttle.protected_paths_enabled? end + def throttle_unauthenticated_get_protected_paths? + get? && + !should_be_skipped? && + get_request_protected_path? && + Gitlab::Throttle.protected_paths_enabled? && + unauthenticated? + end + + def throttle_authenticated_get_protected_paths_api? + get? && + api_request? && + get_request_protected_path? && + Gitlab::Throttle.protected_paths_enabled? + end + + def throttle_authenticated_get_protected_paths_web? + get? && + web_request? && + get_request_protected_path? && + Gitlab::Throttle.protected_paths_enabled? + end + def throttle_unauthenticated_packages_api? packages_api_path? && Gitlab::Throttle.settings.throttle_unauthenticated_packages_api_enabled && @@ -199,6 +225,14 @@ module Gitlab Regexp.union(protected_paths.map { |path| /\A#{Regexp.escape(path)}/ }) end + def protected_paths_for_get_request + Gitlab::CurrentSettings.current_application_settings.protected_paths_for_get_request + end + + def protected_paths_for_get_request_regex + Regexp.union(protected_paths_for_get_request.map { |path| /\A#{Regexp.escape(path)}/ }) + end + def packages_api_path? matches?(::Gitlab::Regex::Packages::API_PATH_REGEX) end |