diff options
author | Stan Hu <stanhu@gmail.com> | 2016-04-25 17:08:10 -0700 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2016-04-27 07:22:02 -0700 |
commit | 1d6fdcea95accde7502ace3dc94f79435edfd5c7 (patch) | |
tree | bf1bd1560fa9ed4d0de2572b9edc3d8aaa4656af /config/initializers/rack_attack.rb.example | |
parent | c01ff1f54b55a60f7c7473d0d8a429d5cf9c1609 (diff) | |
download | gitlab-ce-1d6fdcea95accde7502ace3dc94f79435edfd5c7.tar.gz |
Disable Rack Attack if admin disables it in config file
Grack::Auth already checks this variable. These holdouts were not
disabled, leading to confusion when debugging a customer issue.
Diffstat (limited to 'config/initializers/rack_attack.rb.example')
-rw-r--r-- | config/initializers/rack_attack.rb.example | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/config/initializers/rack_attack.rb.example b/config/initializers/rack_attack.rb.example index b1bbcca1d61..30d05f16153 100644 --- a/config/initializers/rack_attack.rb.example +++ b/config/initializers/rack_attack.rb.example @@ -17,8 +17,9 @@ paths_to_be_protected = [ # Create one big regular expression that matches strings starting with any of # the paths_to_be_protected. paths_regex = Regexp.union(paths_to_be_protected.map { |path| /\A#{Regexp.escape(path)}/ }) +rack_attack_enabled = Gitlab.config.rack_attack.git_basic_auth['enabled'] -unless Rails.env.test? +unless Rails.env.test? || !rack_attack_enabled Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req| if req.post? && req.path =~ paths_regex req.ip |