Add `:ap_routes` rate limit

diff --git a/config/config.exs b/config/config.exs
index 75866112058d1a61f1cd5ab1e54f0e11b02281e4..2f6145516cda393c7a2417abedbaf07cbd854c1b 100644 (file)
--- a/config/config.exs
+++ b/config/config.exs
@@ -548,7 +548,8 @@ config :pleroma, :rate_limit,
   statuses_actions: {10_000, 15},
   status_id_action: {60_000, 3},
   password_reset: {1_800_000, 5},
-  account_confirmation_resend: {8_640_000, 5}
+  account_confirmation_resend: {8_640_000, 5},
+  ap_routes: {60_000, 15}
 
 # Import environment specific config. This must remain at the bottom
 # of this file so it overrides the configuration defined above.

diff --git a/config/test.exs b/config/test.exs
index 6f75f39b552cdd155cd77e524ebee9cd6ab70e8b..30a51f734e69e2fbe61b6f001c2b3e1250efa0ed 100644 (file)
--- a/config/test.exs
+++ b/config/test.exs
@@ -71,7 +71,8 @@ config :pleroma, Pleroma.ScheduledActivity,
 config :pleroma, :rate_limit,
   search: [{1000, 30}, {1000, 30}],
   app_account_creation: {10_000, 5},
-  password_reset: {1000, 30}
+  password_reset: {1000, 30},
+  ap_routes: nil
 
 config :pleroma, :http_security, report_uri: "https://endpoint.com"
 

diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex
index c70063b84a86edacfc632aacd25b734249cf58de..305901dfdfc6bad991ca6c02b83900d6075c9ea7 100644 (file)
--- a/lib/pleroma/web/ostatus/ostatus_controller.ex
+++ b/lib/pleroma/web/ostatus/ostatus_controller.ex
@@ -22,6 +22,8 @@ defmodule Pleroma.Web.OStatus.OStatusController do
   alias Pleroma.Web.Router
   alias Pleroma.Web.XML
 
+  plug(Pleroma.Plugs.RateLimiter, :ap_routes when action in [:object, :activity])
+
   plug(Pleroma.Web.FederatingPlug when action in [:salmon_incoming])
 
   plug(