3 files changed, 16 insertions, 3 deletions

diff --git a/changelogs/unreleased/fj-41598-fixing-request-mime-type.yml b/changelogs/unreleased/fj-41598-fixing-request-mime-type.yml
new file mode 100644
index 00000000000..85e4d78b2df
--- /dev/null
+++ b/changelogs/unreleased/fj-41598-fixing-request-mime-type.yml
@@ -0,0 +1,5 @@
+---
+title: Fixing rack request mime type when using rack attack
+merge_request: 16427
+author:
+type: fixed
diff --git a/lib/gitlab/auth/user_auth_finders.rb b/lib/gitlab/auth/user_auth_finders.rb
index b4114a3ac96..cf02030c577 100644
--- a/lib/gitlab/auth/user_auth_finders.rb
+++ b/lib/gitlab/auth/user_auth_finders.rb
@@ -96,9 +96,7 @@ module Gitlab
       end
 
       def ensure_action_dispatch_request(request)
-        return request if request.is_a?(ActionDispatch::Request)
-
-        ActionDispatch::Request.new(request.env)
+        ActionDispatch::Request.new(request.env.dup)
       end
 
       def current_request
diff --git a/spec/lib/gitlab/auth/user_auth_finders_spec.rb b/spec/lib/gitlab/auth/user_auth_finders_spec.rb
index 4637816570c..2733eef6611 100644
--- a/spec/lib/gitlab/auth/user_auth_finders_spec.rb
+++ b/spec/lib/gitlab/auth/user_auth_finders_spec.rb
@@ -76,6 +76,16 @@ describe Gitlab::Auth::UserAuthFinders do
         expect(find_user_from_rss_token).to be_nil
       end
     end
+
+    context 'when the request format is empty' do
+      it 'the method call does not modify the original value' do
+        env['action_dispatch.request.formats'] = nil
+
+        find_user_from_rss_token
+
+        expect(env['action_dispatch.request.formats']).to be_nil
+      end
+    end
   end
 
   describe '#find_user_from_access_token' do