Remove internal api calls from the rack::attack throttling

author: Francisco Javier López <fjlopez@gitlab.com> 2018-02-15 16:54:36 +0000
committer: Douwe Maan <douwe@gitlab.com> 2018-02-15 16:54:36 +0000
commit: 5ddd576c7e93da1c97b81af90f65e1f368266547 (patch)
tree: e11e5af31745f2f053354715a0f48dba10a50e3d /config/initializers
parent: e5df66e1af47ea9bbd526657f9af913618e6f3ee (diff)
download: gitlab-ce-5ddd576c7e93da1c97b81af90f65e1f368266547.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/config/initializers/rack_attack_global.rb b/config/initializers/rack_attack_global.rb
index 9453df2ec5a..a90516eee7d 100644
--- a/config/initializers/rack_attack_global.rb
+++ b/config/initializers/rack_attack_global.rb
@@ -26,6 +26,7 @@ class Rack::Attack
   throttle('throttle_unauthenticated', Gitlab::Throttle.unauthenticated_options) do |req|
     Gitlab::Throttle.settings.throttle_unauthenticated_enabled &&
       req.unauthenticated? &&
+      !req.api_internal_request? &&
       req.ip
   end
 
@@ -54,6 +55,10 @@ class Rack::Attack
       path.start_with?('/api')
     end
 
+    def api_internal_request?
+      path =~ %r{^/api/v\d+/internal/}
+    end
+
     def web_request?
       !api_request?
     end
author	Francisco Javier López <fjlopez@gitlab.com>	2018-02-15 16:54:36 +0000
committer	Douwe Maan <douwe@gitlab.com>	2018-02-15 16:54:36 +0000
commit	5ddd576c7e93da1c97b81af90f65e1f368266547 (patch)
tree	e11e5af31745f2f053354715a0f48dba10a50e3d /config/initializers
parent	e5df66e1af47ea9bbd526657f9af913618e6f3ee (diff)
download	gitlab-ce-5ddd576c7e93da1c97b81af90f65e1f368266547.tar.gz