Don't run Rack::Attack for Enterprise.

On enterprise, the reverse proxy is not correctly set up, and therefore the client IP address not passed through properly. For that reason, all requests look like they originate from the same client, and if one gets blocked, everyone gets blocked.
2016-07-05 09:38:44 +02:00 · 2016-07-05 09:38:44 +02:00 · eacb4a6372
commit eacb4a6372
parent 75937e45ee
1 changed files with 1 additions and 1 deletions
--- a/lib/travis/api/app.rb
+++ b/lib/travis/api/app.rb
@ -129,7 +129,7 @@ module Travis::Api
        use Travis::Api::App::Middleware::UserAgentTracker

        # make sure this is below ScopeCheck so we have the token
-        use Rack::Attack if Endpoint.production?
+        use Rack::Attack if Endpoint.production? and not Travis.config.enterprise

        # if this is a v3 API request, ignore everything after
        use Travis::API::V3::OptIn