1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-08-20 21:08:15 -07:00

Compare commits

...

2 commits

Author SHA1 Message Date
Mia Heidenstedt
a4fa0a2989
Merge 9d85e8b43e into 549ab089ee 2024-07-31 11:06:48 +00:00
i5heu
9d85e8b43e Increase rate-limit for authenticated users on media proxy endpoints 2024-05-27 12:29:01 +00:00

View file

@ -82,8 +82,12 @@ class Rack::Attack
req.authenticated_user_id if req.post? && req.path.match?(%r{\A/api/v\d+/media\z}i) req.authenticated_user_id if req.post? && req.path.match?(%r{\A/api/v\d+/media\z}i)
end end
throttle('throttle_media_proxy', limit: 30, period: 10.minutes) do |req| throttle('throttle_authenticated_media_proxy', limit: 200, period: 10.minutes) do |req|
req.throttleable_remote_ip if req.path.start_with?('/media_proxy') req.authenticated_user_id if req.path.start_with?('/media_proxy')
end
throttle('throttle_unauthenticated_media_proxy', limit: 30, period: 10.minutes) do |req|
req.throttleable_remote_ip if req.path.start_with?('/media_proxy') && req.unauthenticated?
end end
throttle('throttle_api_sign_up', limit: 5, period: 30.minutes) do |req| throttle('throttle_api_sign_up', limit: 5, period: 30.minutes) do |req|