Commit 29521a31 authored by Francisco Lopez's avatar Francisco Lopez

Change the rss url guard clause

parent f1896575
...@@ -10,7 +10,7 @@ module Gitlab ...@@ -10,7 +10,7 @@ module Gitlab
end end
def find_user_from_rss_token def find_user_from_rss_token
return unless current_request.format.atom? return unless current_request.path.ends_with?('.atom')
token = current_request.params[:rss_token].presence token = current_request.params[:rss_token].presence
return unless token return unless token
......
...@@ -241,14 +241,12 @@ describe 'Rack Attack global throttles' do ...@@ -241,14 +241,12 @@ describe 'Rack Attack global throttles' do
let(:throttle_setting_prefix) { 'throttle_authenticated_web' } let(:throttle_setting_prefix) { 'throttle_authenticated_web' }
context 'with the token in the query string' do context 'with the token in the query string' do
context 'with the atom format in the Accept header' do let(:get_args) { [rss_url(user), nil] }
let(:get_args) { [rss_url(user), nil, { 'HTTP_ACCEPT' => 'application/atom+xml' }] } let(:other_user_get_args) { [rss_url(other_user), nil] }
let(:other_user_get_args) { [rss_url(other_user), nil, { 'HTTP_ACCEPT' => 'application/atom+xml' }] }
it_behaves_like 'rate-limited token-authenticated requests' it_behaves_like 'rate-limited token-authenticated requests'
end end
end end
end
describe 'web requests authenticated with regular login' do describe 'web requests authenticated with regular login' do
let(:user) { create(:user) } let(:user) { create(:user) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment