1
0
mirror of https://github.com/funamitech/mastodon synced 2024-11-27 14:29:03 +09:00

Fix incorrect rate limit on PUT requests (#31356)

This commit is contained in:
Claire 2024-08-09 16:48:05 +02:00 committed by GitHub
parent 1701575704
commit eaedd52def
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -142,7 +142,7 @@ class Rack::Attack
end
throttle('throttle_password_change/account', limit: 10, period: 10.minutes) do |req|
req.warden_user_id if req.put? || (req.patch? && req.path_matches?('/auth'))
req.warden_user_id if (req.put? || req.patch?) && (req.path_matches?('/auth') || req.path_matches?('/auth/password'))
end
self.throttled_responder = lambda do |request|