sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-04-27 15:07:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix response status comment for README

Browse source
This commit is contained in:
Zach Millman 2013-07-12 14:45:59 -07:00
parent d05da7d39b
commit 8a0fd35880
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -165,6 +165,8 @@ Customize the response of blacklisted and throttled requests using an object tha
```ruby ```ruby
Rack::Attack.blacklisted_response = lambda do |env| Rack::Attack.blacklisted_response = lambda do |env|
# Using 503 because it may make attacker think that they have successfully
# DOSed the site, Rack::Attack returns 401 for blacklists by default
[ 503, {}, ['Blocked']] [ 503, {}, ['Blocked']]
end end
@ -176,6 +178,8 @@ Customize the response of blacklisted and throttled requests using an object tha
env['rack.attack.match_data'] env['rack.attack.match_data']
].inspect ].inspect
# Using 503 because it may make attacker think that they have successfully
# DOSed the site, Rack::Attack returns 401 for blacklists by default
[ 503, {}, [body]] [ 503, {}, [body]]
end end
``` ```
@ -186,8 +190,6 @@ For responses that did not exceed a throttle limit, Rack::Attack annotates the e
request.env['rack.attack.throttle_data'][name] # => { :count => n, :period => p, :limit => l } request.env['rack.attack.throttle_data'][name] # => { :count => n, :period => p, :limit => l }
``` ```
Note that Rack::Attack uses 503 Service Unavailable by default instead of 429 Too Many Requests for throttling because it may make attacker think that they have successfully DOSed the site.
## Logging & Instrumentation ## Logging & Instrumentation
Rack::Attack uses the [ActiveSupport::Notifications](http://api.rubyonrails.org/classes/ActiveSupport/Notifications.html) API if available. Rack::Attack uses the [ActiveSupport::Notifications](http://api.rubyonrails.org/classes/ActiveSupport/Notifications.html) API if available.