diff options
author | Brian Neel <brian@gitlab.com> | 2017-02-20 11:50:31 -0500 |
---|---|---|
committer | Brian Neel <brian@gitlab.com> | 2017-02-20 11:50:31 -0500 |
commit | 3e56e06985af8e1a0bd2b0be2f935fd22b14f1e8 (patch) | |
tree | 3371f7a9f1a99300d3ec37eef18ae1ab50c6cbbe | |
parent | 1f35aee0d5e39e3c2843dde6aceeb7586bf019a7 (diff) | |
download | gitlab-ce-upgrade-rack-attack.tar.gz |
safelist/blocklist is for the Beta gem. Restore whitelist/blacklistupgrade-rack-attack
-rw-r--r-- | config/initializers/rack_attack.rb.example | 4 | ||||
-rw-r--r-- | config/initializers/rack_attack_git_basic_auth.rb | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/config/initializers/rack_attack.rb.example b/config/initializers/rack_attack.rb.example index a411bcc06c3..7b306cc64d4 100644 --- a/config/initializers/rack_attack.rb.example +++ b/config/initializers/rack_attack.rb.example @@ -26,12 +26,12 @@ whitelist = Gitlab.config.rack_attack['whitelist'] blacklist = Gitlab.config.rack_attack['blacklist'] unless Gitlab.config.rack_attack['blacklist'].nil? unless Rails.env.test? || !rack_attack_enabled - Rack::Attack.safelist('allow custom whitelist') do |req| + Rack::Attack.whitelist('allow custom whitelist') do |req| whitelist.include? req.ip end unless blacklist.nil? - Rack::Attack.blocklist('ban custom blacklist') do |req| + Rack::Attack.blacklist('ban custom blacklist') do |req| blacklist.include? req.ip end end diff --git a/config/initializers/rack_attack_git_basic_auth.rb b/config/initializers/rack_attack_git_basic_auth.rb index 88679a592dc..41e3f059555 100644 --- a/config/initializers/rack_attack_git_basic_auth.rb +++ b/config/initializers/rack_attack_git_basic_auth.rb @@ -3,8 +3,8 @@ git_basic_auth_enabled = Gitlab.config.rack_attack.git_basic_auth['enabled'] unless Rails.env.test? || !rack_attack_enabled || !git_basic_auth_enabled # Tell the Rack::Attack Rack middleware to maintain an IP blocklist. We will - # update the blocklist from GitLab::Auth.rate_limit - Rack::Attack.blocklist('Git HTTP Basic Auth') do |req| + # update the blacklist from GitLab::Auth.rate_limit + Rack::Attack.blacklist('Git HTTP Basic Auth') do |req| Rack::Attack::Allow2Ban.filter(req.ip, Gitlab.config.rack_attack.git_basic_auth) do # This block only gets run if the IP was not already banned. # Return false, meaning that we do not see anything wrong with the |