Merge pull request #20 from rallysf/correct-http-codes

Use correct HTTP status codes for blackist and throttle
2026-03-25 09:25:49 +00:00 · 2013-07-02 13:33:03 -07:00 · 2013-07-02 13:33:03 -07:00 · eaaad929b1
commit eaaad929b1
parent 237dc2d944 f348643c24
4 changed files with 8 additions and 8 deletions
--- a/lib/rack/attack.rb
+++ b/lib/rack/attack.rb
@ -39,10 +39,10 @@ module Rack::Attack

      # Set defaults
      @notifier ||= ActiveSupport::Notifications if defined?(ActiveSupport::Notifications)
-      @blacklisted_response ||= lambda {|env| [503, {}, ["Blocked\n"]] }
+      @blacklisted_response ||= lambda {|env| [401, {}, ["Unauthorized\n"]] }
      @throttled_response   ||= lambda {|env|
        retry_after = env['rack.attack.match_data'][:period] rescue nil
-        [503, {'Retry-After' => retry_after.to_s}, ["Retry later\n"]]
+        [429, {'Retry-After' => retry_after.to_s}, ["Retry later\n"]]
      }

      self
--- a/spec/fail2ban_spec.rb
+++ b/spec/fail2ban_spec.rb
@ -24,7 +24,7 @@ describe 'Rack::Attack.Fail2Ban' do
      describe 'when not at maxretry' do
        before { get '/?foo=OMGHAX', {}, 'REMOTE_ADDR' => '1.2.3.4' }
        it 'fails' do
-          last_response.status.must_equal 503
+          last_response.status.must_equal 401
        end

        it 'increases fail count' do
@ -46,7 +46,7 @@ describe 'Rack::Attack.Fail2Ban' do
        end

        it 'fails' do
-          last_response.status.must_equal 503
+          last_response.status.must_equal 401
        end

        it 'increases fail count' do
@ -83,7 +83,7 @@ describe 'Rack::Attack.Fail2Ban' do
      end

      it 'fails' do
-        last_response.status.must_equal 503
+        last_response.status.must_equal 401
      end

      it 'does not increase fail count' do
@ -103,7 +103,7 @@ describe 'Rack::Attack.Fail2Ban' do
      end

      it 'fails' do
-        last_response.status.must_equal 503
+        last_response.status.must_equal 401
      end

      it 'does not increase fail count' do
--- a/spec/rack_attack_spec.rb
+++ b/spec/rack_attack_spec.rb
@ -15,7 +15,7 @@ describe 'Rack::Attack' do
      before { get '/', {}, 'REMOTE_ADDR' => @bad_ip }
      it "should return a blacklist response" do
        get '/', {}, 'REMOTE_ADDR' => @bad_ip
-        last_response.status.must_equal 503
+        last_response.status.must_equal 401
      end
      it "should tag the env" do
        last_request.env['rack.attack.matched'].must_equal "ip #{@bad_ip}"
--- a/spec/rack_attack_throttle_spec.rb
+++ b/spec/rack_attack_throttle_spec.rb
@ -26,7 +26,7 @@ describe 'Rack::Attack.throttle' do
      2.times { get '/', {}, 'REMOTE_ADDR' => '1.2.3.4' }
    end
    it 'should block the last request' do
-      last_response.status.must_equal 503
+      last_response.status.must_equal 429
    end
    it 'should tag the env' do
      last_request.env['rack.attack.matched'].must_equal 'ip/sec'