suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add debug to see what request contains

Browse Source
This commit is contained in:
carlad 2016-03-31 15:51:44 +02:00
parent d1848ba6f9
commit 49a6bb5d26
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lib/travis/api/attack.rb
View File

@ -50,19 +50,22 @@ class Rack::Attack
# Ban time: 5 hours # Ban time: 5 hours
# Ban after: 10 POST requests within five minutes to /auth/github # Ban after: 10 POST requests within five minutes to /auth/github
blacklist('hammering /auth/github') do |request| blacklist('hammering /auth/github') do |request|
Rack::Attack::Allow2Ban.filter(request.identifier, maxretry: 2, findtime: 5.minutes, bantime: bantime(5.hours)) do Rack::Attack::Allow2Ban.filter(request.identifier, maxretry: 2, findtime: 5.minutes, bantime: bantime(5.hours)) do
request.post? and request.path == '/auth/github' request.post? and request.path == '/auth/github'
end end
end end
#### ####
# Ban based on: IP address or access token # Ban based on: IP address or access token
# Ban time: 1 hour # Ban time: 1 hour
# Ban after: 10 POST requests within 30 seconds # Ban after: 10 POST requests within 30 seconds, unless api_builds_rate_limit is set in repository settings
blacklist('spamming with POST requests') do |request| blacklist('spamming with POST requests') do |request|
Rack::Attack::Allow2Ban.filter(request.identifier, maxretry: 10, findtime: 30.seconds, bantime: bantime(1.hour)) do p "request.inspect ++++++++++++++++++++++++++++"
request.post? and not POST_WHITELISTED.include? request.path p request.inspect
end p "+++++++++++++++++++++++++++++++++++++++++++++++++++"
Rack::Attack::Allow2Ban.filter(request.identifier, maxretry: 10, findtime: 30.seconds, bantime: bantime(1.hour)) do
request.post? and not POST_WHITELISTED.include? request.path
end
end end