mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-22 21:40:55 +01:00
Tweak rate limiting point counts for omnipotent users
Summary: Ref T13008. We haven't hit any issues with this, but I can imagine we might in the future. When one host makes an intracluster request to another host, the `$viewer` ends up as the omnipotent viewer. This viewer isn't logged in, so they'll currently accumulate rate limit points at a high rate. Instead, don't give them any points. These requests are always legitimate, and if they originated from a user request, that request should be the one getting rate limited. Test Plan: Browsed around. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13008 Differential Revision: https://secure.phabricator.com/D18708
This commit is contained in:
parent
0e645b8f11
commit
819b833607
1 changed files with 9 additions and 1 deletions
|
@ -35,7 +35,15 @@ final class PhabricatorClientRateLimit
|
|||
// If the user was logged in, let them make more requests.
|
||||
if (isset($request_state['viewer'])) {
|
||||
$viewer = $request_state['viewer'];
|
||||
if ($viewer->isLoggedIn()) {
|
||||
if ($viewer->isOmnipotent()) {
|
||||
// If the viewer was omnipotent, this was an intracluster request or
|
||||
// some other kind of special request, so don't give it any points
|
||||
// toward rate limiting.
|
||||
$score = 0;
|
||||
} else if ($viewer->isLoggedIn()) {
|
||||
// If the viewer was logged in, give them fewer points than if they
|
||||
// were logged out, since this traffic is much more likely to be
|
||||
// legitimate.
|
||||
$score = 0.25;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue