[tor-commits] [donate/master] Only do IP rate limiting if no other errors

peterh at torproject.org peterh at torproject.org
Wed Jun 10 22:48:37 UTC 2020


commit c090f91a6caab9c6da5dda2ae908654a5bf8a59a
Author: Peter Haight <peterh at giantrabbit.com>
Date:   Thu May 14 13:02:56 2020 -0700

    Only do IP rate limiting if no other errors
    
    We don't really care if they pound the page with incorrect captcha or other
    fields, so let's only check the IP rate limit if they fill out the fields
    correctly. That way we don't get as many errors emailed to us.
---
 src/SubscriptionController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/SubscriptionController.php b/src/SubscriptionController.php
index 513319ba..c1ee6b66 100644
--- a/src/SubscriptionController.php
+++ b/src/SubscriptionController.php
@@ -62,8 +62,6 @@ class SubscriptionController extends BaseController {
   }
 
   public function subscriptionRequest($request, $response, $args) {
-    $ipRateLimiter = $this->container->get('ipRateLimiter');
-    $ipRateLimiter->check($request);
     $this->vars['bodyClasses'] = array('subscribe');
     $parsedBody = $request->getParsedBody();
     $fieldValidationRules = array(
@@ -90,6 +88,8 @@ class SubscriptionController extends BaseController {
       }
     }
     if (empty($errors)) {
+      $ipRateLimiter = $this->container->get('ipRateLimiter');
+      $ipRateLimiter->check($request);
       $this->sendSubscriptionConfirmation($request, $subscriptionInfo);
       return $response->withRedirect("/subscription-request-sent");
     } else {



More information about the tor-commits mailing list