Commit 50c11f27 authored by Robert May's avatar Robert May Committed by Sincheol (David) Kim
Browse files

Block hotlinking to repository archives

Adds some header detection to help prevent DDOS attempts on the
repository archive endpoint. Introduced as a concern so it can
be utilised elsewhere if needed.

Now uses built-in Rails header parser and doesn't block
legimate Sec-Fetch-Mode headers.

Adds support for hotlinking interception on the API as well, refactors
most of the system out into a new class to cover both Rails and Grape.
parent 0c30b235
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment