From 0961a034eaaaa63b55c412ba121072132f53aa79 Mon Sep 17 00:00:00 2001 From: Henry Oswald Date: Tue, 11 Apr 2017 16:08:38 +0100 Subject: [PATCH 1/3] added rate limit to compile endpoint --- services/web/app/coffee/router.coffee | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee index 860b7809ed..0556c23c5a 100644 --- a/services/web/app/coffee/router.coffee +++ b/services/web/app/coffee/router.coffee @@ -111,7 +111,13 @@ module.exports = class Router webRouter.post '/project/:Project_id/settings', AuthorizationMiddlewear.ensureUserCanWriteProjectSettings, ProjectController.updateProjectSettings webRouter.post '/project/:Project_id/settings/admin', AuthorizationMiddlewear.ensureUserCanAdminProject, ProjectController.updateProjectAdminSettings - webRouter.post '/project/:Project_id/compile', AuthorizationMiddlewear.ensureUserCanReadProject, CompileController.compile + webRouter.post '/project/:Project_id/compile', RateLimiterMiddlewear.rateLimit({ + endpointName: "compile-project-http" + params: ["Project_id"] + maxRequests: 800 + timeInterval: 60 * 60 + }), AuthorizationMiddlewear.ensureUserCanReadProject, CompileController.compile + webRouter.post '/project/:Project_id/compile/stop', AuthorizationMiddlewear.ensureUserCanReadProject, CompileController.stopCompile # Used by the web download buttons, adds filename header From c733925a267192369b3cf1d925cfad694e1423a0 Mon Sep 17 00:00:00 2001 From: Henry Oswald Date: Mon, 24 Apr 2017 15:56:09 +0100 Subject: [PATCH 2/3] show rate limit message when compiled too much --- services/web/app/views/project/editor/pdf.pug | 4 ++++ .../public/coffee/ide/pdf/controllers/PdfController.coffee | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/services/web/app/views/project/editor/pdf.pug b/services/web/app/views/project/editor/pdf.pug index e75a2919b7..960d4bf2c9 100644 --- a/services/web/app/views/project/editor/pdf.pug +++ b/services/web/app/views/project/editor/pdf.pug @@ -328,6 +328,10 @@ div.full-size.pdf(ng-controller="PdfController") .alert.alert-danger(ng-show="pdf.compileTerminated") strong #{translate("terminated")}. span #{translate("compile_terminated_by_user")} + + .alert.alert-danger(ng-show="pdf.rateLimited") + strong #{translate("pdf_compile_rate_limit_hit")} + span #{translate("project_flagged_too_many_compiles")} .alert.alert-danger(ng-show="pdf.timedout") p diff --git a/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee b/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee index c2559b1faf..58b577ed20 100644 --- a/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee +++ b/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee @@ -388,7 +388,9 @@ define [ $scope.pdf.view = "pdf" $scope.pdf.compiling = false parseCompileResponse(data) - .error () -> + .error (err, status) -> + if status = 429 + $scope.pdf.rateLimited = true $scope.pdf.compiling = false $scope.pdf.renderingError = false $scope.pdf.error = true From 79bc4c1d3e35a8725d47ead2683e9f560c6dc9e3 Mon Sep 17 00:00:00 2001 From: Henry Oswald Date: Mon, 24 Apr 2017 16:16:02 +0100 Subject: [PATCH 3/3] = != == ;) --- .../web/public/coffee/ide/pdf/controllers/PdfController.coffee | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee b/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee index 58b577ed20..394809d508 100644 --- a/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee +++ b/services/web/public/coffee/ide/pdf/controllers/PdfController.coffee @@ -389,7 +389,7 @@ define [ $scope.pdf.compiling = false parseCompileResponse(data) .error (err, status) -> - if status = 429 + if status == 429 $scope.pdf.rateLimited = true $scope.pdf.compiling = false $scope.pdf.renderingError = false