Bump rack-attack from 5.4.2 to 6.0.0 (#10599)
* Bump rack-attack from 5.4.2 to 6.0.0 Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 5.4.2 to 6.0.0. - [Release notes](https://github.com/kickstarter/rack-attack/releases) - [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md) - [Commits](https://github.com/kickstarter/rack-attack/compare/v5.4.2...v6.0.0) Signed-off-by: dependabot[bot] <support@dependabot.com> * fix payload[:request]
This commit is contained in:
parent
61e28b0ccc
commit
ecbea2e3c6
3 changed files with 6 additions and 4 deletions
2
Gemfile
2
Gemfile
|
@ -66,7 +66,7 @@ gem 'ox', '~> 2.10'
|
||||||
gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
|
gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
|
||||||
gem 'pundit', '~> 2.0'
|
gem 'pundit', '~> 2.0'
|
||||||
gem 'premailer-rails'
|
gem 'premailer-rails'
|
||||||
gem 'rack-attack', '~> 5.4'
|
gem 'rack-attack', '~> 6.0'
|
||||||
gem 'rack-cors', '~> 1.0', require: 'rack/cors'
|
gem 'rack-cors', '~> 1.0', require: 'rack/cors'
|
||||||
gem 'rails-i18n', '~> 5.1'
|
gem 'rails-i18n', '~> 5.1'
|
||||||
gem 'rails-settings-cached', '~> 0.6'
|
gem 'rails-settings-cached', '~> 0.6'
|
||||||
|
|
|
@ -426,7 +426,7 @@ GEM
|
||||||
activesupport (>= 3.0.0)
|
activesupport (>= 3.0.0)
|
||||||
raabro (1.1.6)
|
raabro (1.1.6)
|
||||||
rack (2.0.7)
|
rack (2.0.7)
|
||||||
rack-attack (5.4.2)
|
rack-attack (6.0.0)
|
||||||
rack (>= 1.0, < 3)
|
rack (>= 1.0, < 3)
|
||||||
rack-cors (1.0.3)
|
rack-cors (1.0.3)
|
||||||
rack-protection (2.0.5)
|
rack-protection (2.0.5)
|
||||||
|
@ -735,7 +735,7 @@ DEPENDENCIES
|
||||||
pry-rails (~> 0.3)
|
pry-rails (~> 0.3)
|
||||||
puma (~> 3.12)
|
puma (~> 3.12)
|
||||||
pundit (~> 2.0)
|
pundit (~> 2.0)
|
||||||
rack-attack (~> 5.4)
|
rack-attack (~> 6.0)
|
||||||
rack-cors (~> 1.0)
|
rack-cors (~> 1.0)
|
||||||
rails (~> 5.2.3)
|
rails (~> 5.2.3)
|
||||||
rails-controller-testing (~> 1.0)
|
rails-controller-testing (~> 1.0)
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
ActiveSupport::Notifications.subscribe('rack.attack') do |_name, _start, _finish, _request_id, req|
|
ActiveSupport::Notifications.subscribe(/rack_attack/) do |_name, _start, _finish, _request_id, payload|
|
||||||
|
req = payload[:request]
|
||||||
|
|
||||||
next unless [:throttle, :blacklist].include? req.env['rack.attack.match_type']
|
next unless [:throttle, :blacklist].include? req.env['rack.attack.match_type']
|
||||||
Rails.logger.info("Rate limit hit (#{req.env['rack.attack.match_type']}): #{req.ip} #{req.request_method} #{req.fullpath}")
|
Rails.logger.info("Rate limit hit (#{req.env['rack.attack.match_type']}): #{req.ip} #{req.request_method} #{req.fullpath}")
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue