Change the rss url guard clause
This commit is contained in:
parent
f189657523
commit
29521a313a
|
@ -10,7 +10,7 @@ module Gitlab
|
|||
end
|
||||
|
||||
def find_user_from_rss_token
|
||||
return unless current_request.format.atom?
|
||||
return unless current_request.path.ends_with?('.atom')
|
||||
|
||||
token = current_request.params[:rss_token].presence
|
||||
return unless token
|
||||
|
|
|
@ -241,14 +241,12 @@ describe 'Rack Attack global throttles' do
|
|||
let(:throttle_setting_prefix) { 'throttle_authenticated_web' }
|
||||
|
||||
context 'with the token in the query string' do
|
||||
context 'with the atom format in the Accept header' do
|
||||
let(:get_args) { [rss_url(user), nil, { 'HTTP_ACCEPT' => 'application/atom+xml' }] }
|
||||
let(:other_user_get_args) { [rss_url(other_user), nil, { 'HTTP_ACCEPT' => 'application/atom+xml' }] }
|
||||
let(:get_args) { [rss_url(user), nil] }
|
||||
let(:other_user_get_args) { [rss_url(other_user), nil] }
|
||||
|
||||
it_behaves_like 'rate-limited token-authenticated requests'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'web requests authenticated with regular login' do
|
||||
let(:user) { create(:user) }
|
||||
|
|
Loading…
Reference in New Issue