allow localhost to bypass the ratelimit (#2554)

author Tristan Mahé <gled@remote-shell.net>

Sat, 29 Apr 2017 22:27:49 +0000 (15:27 -0700)

committer Eugen Rochko <eugen@zeonfederated.com>

Sat, 29 Apr 2017 22:27:49 +0000 (00:27 +0200)
author Tristan Mahé <gled@remote-shell.net>
Sat, 29 Apr 2017 22:27:49 +0000 (15:27 -0700)
committer Eugen Rochko <eugen@zeonfederated.com>
Sat, 29 Apr 2017 22:27:49 +0000 (00:27 +0200)
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb

index 67ec7c919aa4f58f8ee8bd5767ef8f1410f6179e..3ebe3946207b9a91052e4d9757cb015b9e5d9d2a 100644 (file)
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -1,6 +1,13 @@
  # frozen_string_literal: true
  
  class Rack::Attack
+  # Always allow requests from localhost
+  # (blocklist & throttles are skipped)
+  Rack::Attack.safelist('allow from localhost') do |req|
+    # Requests are allowed if the return value is truthy
+    '127.0.0.1' == req.ip || '::1' == req.ip
+  end
+
    # Rate limits for the API
    throttle('api', limit: 300, period: 5.minutes) do |req|
      req.ip if req.path =~ /\A\/api\/v/
author	Tristan Mahé <gled@remote-shell.net>
	Sat, 29 Apr 2017 22:27:49 +0000 (15:27 -0700)
committer	Eugen Rochko <eugen@zeonfederated.com>
	Sat, 29 Apr 2017 22:27:49 +0000 (00:27 +0200)