diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2018-01-03 20:22:04 +0100 |
|---|---|---|
| committer | Dylan William Hardison <dylan@hardison.net> | 2018-01-04 14:13:12 +0100 |
| commit | 09e1bbfee2f997261d24acb37d95bdb638467c02 (patch) | |
| tree | c56e7b931edb0c918f8cc8f8c10e5435338fd46e /Bugzilla.pm | |
| parent | 51605fb0ae3ce7d85b6037e0ac4b22676766ad0c (diff) | |
| download | bugzilla-09e1bbfee2f997261d24acb37d95bdb638467c02.tar.gz bugzilla-09e1bbfee2f997261d24acb37d95bdb638467c02.tar.xz | |
Bug 1426409 - github_secret key has no rate limiting
Diffstat (limited to 'Bugzilla.pm')
| -rw-r--r-- | Bugzilla.pm | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm index 9e5177839..b7aaadf3f 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -317,7 +317,7 @@ sub github_secret { my $cache = $class->request_cache; my $cgi = $class->cgi; - $cache->{github_secret} //= $cgi->cookie('github_secret') // generate_random_password(16); + $cache->{github_secret} //= $cgi->cookie('github_secret') // generate_random_password(256); return $cache->{github_secret}; } @@ -853,7 +853,7 @@ sub check_rate_limit { $action = 'ignore'; } my $limit = join("/", @$limit); - Bugzilla->audit("[rate_limit] action=$action, ip=$ip, limit=$limit"); + Bugzilla->audit("[rate_limit] action=$action, ip=$ip, limit=$limit, name=$name"); ThrowUserError("rate_limit") if $action eq 'block'; } } |