• Robert May's avatar
    Block hotlinking to repository archives · 50c11f27
    Robert May authored
    Adds some header detection to help prevent DDOS attempts on the
    repository archive endpoint. Introduced as a concern so it can
    be utilised elsewhere if needed.
    
    Now uses built-in Rails header parser and doesn't block
    legimate Sec-Fetch-Mode headers.
    
    Adds support for hotlinking interception on the API as well, refactors
    most of the system out into a new class to cover both Rails and Grape.
    50c11f27
repositories.rb 5.54 KB