From 1fa555f37cd0d720d4f198066ae83e82f0150a5c Mon Sep 17 00:00:00 2001
From: Marco Colli <collimarco91@gmail.com>
Date: Sat, 26 Jan 2019 15:23:40 +0100
Subject: [PATCH] Update advanced_configuration.md

---
 docs/advanced_configuration.md | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/docs/advanced_configuration.md b/docs/advanced_configuration.md
index b4f877a..c17590a 100644
--- a/docs/advanced_configuration.md
+++ b/docs/advanced_configuration.md
@@ -90,4 +90,20 @@ Rack::Attack.blocklist('basic auth crackers') do |req|
     auth.credentials != [my_username, my_password]
   end
 end
-```
\ No newline at end of file
+```
+
+### Match Actions in Rails
+
+Instead of matching the URL with complex regex, it can be much easier to mach specific controller actions:
+
+```ruby
+Rack::Attack.safelist('unlimited requests') do |request|
+  safelist = [
+    'controller#action',
+    'another_controller#another_action'
+  ]
+  route = (Rails.application.routes.recognize_path request.url rescue {}) || {}
+  action = "#{route[:controller]}##{route[:action]}"
+  safelist.any? { |safe| action == safe }
+end
+```