Commit graph

7 commits

| Author | SHA1 | Message | Date |
| --- | --- | --- | --- |
| Cindy Pallares | fe5f75930e | Merge branch 'security-fix-pat-web-access' into 'master'<br>[master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request"<br>See merge request gitlab/gitlabhq!2583 | 2018-11-28 19:13:59 -05:00 |
| Valery Sizov | 64679a0d9a | Backport of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5876 | 2018-05-29 15:25:43 +03:00 |
| Francisco Javier López | 5ddd576c7e | Remove internal api calls from the rack::attack throttling | 2018-02-15 16:54:36 +00:00 |
| Michael Kozono | 09b01c7560 | Don't add methods to Rack::Attack | 2017-11-17 09:58:18 +01:00 |
| Michael Kozono | 43a682ccaa | Fix OAuth API and RSS rate limiting | 2017-11-17 09:58:18 +01:00 |
| Michael Kozono | d87030714a | Allow throttling code in test environment<br>This code should not break other tests because the rate limits are off by default. | 2017-11-17 09:58:18 +01:00 |
| Michael Kozono | dc9266fbea | Add request throttles | 2017-11-17 09:58:18 +01:00 |