Change the rss url guard clause

29521a31 · Francisco Lopez · f1896575 · 29521a31 · 29521a31
Commit 29521a31 authored Nov 10, 2017 by Francisco Lopez
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 6 deletions

lib/gitlab/auth/user_auth_finders.rb lib/gitlab/auth/user_auth_finders.rb +1 -1

spec/requests/rack_attack_global_spec.rb spec/requests/rack_attack_global_spec.rb +3 -5

No files found.
--- a/lib/gitlab/auth/user_auth_finders.rb
+++ b/lib/gitlab/auth/user_auth_finders.rb
@@ -10,7 +10,7 @@ module Gitlab
      end
      def find_user_from_rss_token
-        return unless current_request.format.atom?
+        return unless current_request.path.ends_with?('.atom')
        token = current_request.params[:rss_token].presence
        return unless token

--- a/spec/requests/rack_attack_global_spec.rb
+++ b/spec/requests/rack_attack_global_spec.rb
@@ -241,12 +241,10 @@ describe 'Rack Attack global throttles' do
    let(:throttle_setting_prefix) { 'throttle_authenticated_web' }
    context 'with the token in the query string' do
-      context 'with the atom format in the Accept header' do
+      let(:get_args) { [rss_url(user), nil] }
-        let(:get_args) { [rss_url(user), nil, { 'HTTP_ACCEPT' => 'application/atom+xml' }] }
+      let(:other_user_get_args) { [rss_url(other_user), nil] }
-        let(:other_user_get_args) { [rss_url(other_user), nil, { 'HTTP_ACCEPT' => 'application/atom+xml' }] }
-        it_behaves_like 'rate-limited token-authenticated requests'
+      it_behaves_like 'rate-limited token-authenticated requests'
-      end
    end
  end