vbatts/mastodon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

allow localhost to bypass the ratelimit (#2554)

Browse source
This commit is contained in:
Tristan Mahé 2017-04-29 15:27:49 -07:00 committed by Eugen Rochko
parent 5135d609b7
commit 964035b118
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
config/initializers/rack_attack.rb
View file

@ -1,6 +1,13 @@
# frozen_string_literal: true
class Rack::Attack
# Always allow requests from localhost
# (blocklist & throttles are skipped)
Rack::Attack.safelist('allow from localhost') do |req|
# Requests are allowed if the return value is truthy
'127.0.0.1' == req.ip || '::1' == req.ip
end
# Rate limits for the API
throttle('api', limit: 300, period: 5.minutes) do |req|
req.ip if req.path =~ /\A\/api\/v/