From eacb4a637226df82e61cee8d332a54df6d7eeb8a Mon Sep 17 00:00:00 2001
From: Konstantin Haase <konstantin.mailinglists@googlemail.com>
Date: Tue, 5 Jul 2016 09:38:44 +0200
Subject: [PATCH] Don't run Rack::Attack for Enterprise.

On enterprise, the reverse proxy is not correctly set up, and therefore the client IP address not passed through properly. For that reason, all requests look like they originate from the same client, and if one gets blocked, everyone gets blocked.
---
 lib/travis/api/app.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/travis/api/app.rb b/lib/travis/api/app.rb
index 624b3fc7..2f3e7d33 100644
--- a/lib/travis/api/app.rb
+++ b/lib/travis/api/app.rb
@@ -129,7 +129,7 @@ module Travis::Api
         use Travis::Api::App::Middleware::UserAgentTracker
 
         # make sure this is below ScopeCheck so we have the token
-        use Rack::Attack if Endpoint.production?
+        use Rack::Attack if Endpoint.production? and not Travis.config.enterprise
 
         # if this is a v3 API request, ignore everything after
         use Travis::API::V3::OptIn