Commit 50c11f27 authored by Committed by Sincheol (David) KimBrowse files
Block hotlinking to repository archives
Adds some header detection to help prevent DDOS attempts on the repository archive endpoint. Introduced as a concern so it can be utilised elsewhere if needed. Now uses built-in Rails header parser and doesn't block legimate Sec-Fetch-Mode headers. Adds support for hotlinking interception on the API as well, refactors most of the system out into a new class to cover both Rails and Grape.