Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/rack_attack/request.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/rack_attack/request.rb')
-rw-r--r--lib/gitlab/rack_attack/request.rb11
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/gitlab/rack_attack/request.rb b/lib/gitlab/rack_attack/request.rb
index a03116f5bb2..e45782b8be0 100644
--- a/lib/gitlab/rack_attack/request.rb
+++ b/lib/gitlab/rack_attack/request.rb
@@ -5,8 +5,9 @@ module Gitlab
module Request
include ::Gitlab::Utils::StrongMemoize
- FILES_PATH_REGEX = %r{^/api/v\d+/projects/[^/]+/repository/files/.+}.freeze
- GROUP_PATH_REGEX = %r{^/api/v\d+/groups/[^/]+/?$}.freeze
+ API_PATH_REGEX = %r{^/api/|/oauth/}
+ FILES_PATH_REGEX = %r{^/api/v\d+/projects/[^/]+/repository/files/.+}
+ GROUP_PATH_REGEX = %r{^/api/v\d+/groups/[^/]+/?$}
def unauthenticated?
!(authenticated_identifier([:api, :rss, :ics]) || authenticated_runner_id)
@@ -32,7 +33,11 @@ module Gitlab
end
def api_request?
- logical_path.start_with?('/api')
+ if ::Feature.enabled?(:rate_limit_oauth_api, ::Feature.current_request)
+ matches?(API_PATH_REGEX)
+ else
+ logical_path.start_with?('/api')
+ end
end
def logical_path
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 09:07:55 +0300