mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-22 23:20:44 +01:00
Increase rate-limit for authenticated users on media proxy endpoints
This commit is contained in:
parent
ed99923138
commit
9d85e8b43e
1 changed files with 6 additions and 2 deletions
|
@ -82,8 +82,12 @@ class Rack::Attack
|
||||||
req.authenticated_user_id if req.post? && req.path.match?(%r{\A/api/v\d+/media\z}i)
|
req.authenticated_user_id if req.post? && req.path.match?(%r{\A/api/v\d+/media\z}i)
|
||||||
end
|
end
|
||||||
|
|
||||||
throttle('throttle_media_proxy', limit: 30, period: 10.minutes) do |req|
|
throttle('throttle_authenticated_media_proxy', limit: 200, period: 10.minutes) do |req|
|
||||||
req.throttleable_remote_ip if req.path.start_with?('/media_proxy')
|
req.authenticated_user_id if req.path.start_with?('/media_proxy')
|
||||||
|
end
|
||||||
|
|
||||||
|
throttle('throttle_unauthenticated_media_proxy', limit: 30, period: 10.minutes) do |req|
|
||||||
|
req.throttleable_remote_ip if req.path.start_with?('/media_proxy') && req.unauthenticated?
|
||||||
end
|
end
|
||||||
|
|
||||||
throttle('throttle_api_sign_up', limit: 5, period: 30.minutes) do |req|
|
throttle('throttle_api_sign_up', limit: 5, period: 30.minutes) do |req|
|
||||||
|
|
Loading…
Reference in a new issue