Commit 5addff7e authored by Rémy Coutable's avatar Rémy Coutable

Merge branch 'use-remote-ip-for-akismet' into 'master'

Use ActionDispatch Remote IP for Akismet checking

Previously all remote IPs appeared at 127.0.0.1, which made Akismet
not very useful. Using the ActionDispatch Remote IP (http://api.rubyonrails.org/classes/ActionDispatch/RemoteIp.html)
should provide more reliable results.

Closes #16629

See merge request !3961
parents d4668825 e99cf058
......@@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date.
v 8.8.0 (unreleased)
- Remove future dates from contribution calendar graph.
- Use ActionDispatch Remote IP for Akismet checking
- Fix error when visiting commit builds page before build was updated
- Add 'l' shortcut to open Label dropdown on issuables and 'i' to create new issue on a project
- Updated search UI
......
......@@ -24,8 +24,8 @@ module API
def create_spam_log(project, current_user, attrs)
params = attrs.merge({
source_ip: env['REMOTE_ADDR'],
user_agent: env['HTTP_USER_AGENT'],
source_ip: client_ip(env),
user_agent: user_agent(env),
noteable_type: 'Issue',
via_api: true
})
......
......@@ -9,14 +9,22 @@ module Gitlab
Gitlab.config.gitlab.url)
end
def client_ip(env)
env['action_dispatch.remote_ip'].to_s
end
def user_agent(env)
env['HTTP_USER_AGENT']
end
def check_for_spam?(project, user)
akismet_enabled? && !project.team.member?(user)
end
def is_spam?(environment, user, text)
client = akismet_client
ip_address = environment['REMOTE_ADDR']
user_agent = environment['HTTP_USER_AGENT']
ip_address = client_ip(environment)
user_agent = user_agent(environment)
params = {
type: 'comment',
......
......@@ -24,7 +24,7 @@ describe Gitlab::AkismetHelper, type: :helper do
describe '#is_spam?' do
it 'returns true for spam' do
environment = {
'REMOTE_ADDR' => '127.0.0.1',
'action_dispatch.remote_ip' => '127.0.0.1',
'HTTP_USER_AGENT' => 'Test User Agent'
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment