gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

Fix uncaught query param encoding errors (#12741)

Browse source
This commit is contained in:
Eugen Rochko 2020-01-02 17:14:58 +01:00 committed by GitHub
parent 9edab7afaf
commit 09d54d1f62
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 41 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/application.rb
View file

@ -7,6 +7,7 @@ require 'rails/all'
Bundler.require(*Rails.groups)
require_relative '../app/lib/exceptions'
require_relative '../app/middleware/handle_bad_encoding_middleware'
require_relative '../lib/paperclip/lazy_thumbnail'
require_relative '../lib/paperclip/gif_transcoder'
require_relative '../lib/paperclip/video_transcoder'
@ -118,6 +119,7 @@ module Mastodon
config.active_job.queue_adapter = :sidekiq
config.middleware.insert_before Rack::Runtime, HandleBadEncodingMiddleware
config.middleware.use Rack::Attack
config.middleware.use Rack::Deflater

3
config/initializers/rack_attack.rb
View file

@ -46,10 +46,7 @@ class Rack::Attack
PROTECTED_PATHS_REGEX = Regexp.union(PROTECTED_PATHS.map { |path| /\A#{Regexp.escape(path)}/ })
# Always allow requests from localhost
# (blocklist & throttles are skipped)
Rack::Attack.safelist('allow from localhost') do |req|
# Requests are allowed if the return value is truthy
req.remote_ip == '127.0.0.1' || req.remote_ip == '::1'
end