forked from MarseyWorld/MarseyWorld
decrease edit and delete ratelimits to hinder mass-deleting and mass-editing
parent
174adfd179
commit
c2c9c79e20
|
@ -50,6 +50,7 @@ class Service(Enum):
|
||||||
|
|
||||||
DEFAULT_RATELIMIT = "30/minute;200/hour;1000/day"
|
DEFAULT_RATELIMIT = "30/minute;200/hour;1000/day"
|
||||||
CASINO_RATELIMIT = "100/minute;5000/hour;20000/day"
|
CASINO_RATELIMIT = "100/minute;5000/hour;20000/day"
|
||||||
|
DELETE_EDIT_RATELIMIT = "10/minute;50/day"
|
||||||
|
|
||||||
PUSH_NOTIF_LIMIT = 1000
|
PUSH_NOTIF_LIMIT = 1000
|
||||||
|
|
||||||
|
|
|
@ -424,8 +424,8 @@ def comment(v):
|
||||||
@app.post("/delete/comment/<int:cid>")
|
@app.post("/delete/comment/<int:cid>")
|
||||||
@limiter.limit('1/second', scope=rpath)
|
@limiter.limit('1/second', scope=rpath)
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@auth_required
|
@auth_required
|
||||||
def delete_comment(cid, v):
|
def delete_comment(cid, v):
|
||||||
if SITE == 'rdrama.net' and v.id == 253:
|
if SITE == 'rdrama.net' and v.id == 253:
|
||||||
|
@ -625,8 +625,8 @@ def toggle_comment_nsfw(cid, v):
|
||||||
@app.post("/edit_comment/<int:cid>")
|
@app.post("/edit_comment/<int:cid>")
|
||||||
@limiter.limit('1/second', scope=rpath)
|
@limiter.limit('1/second', scope=rpath)
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
@limiter.limit("10/minute;100/hour;200/day", deduct_when=lambda response: response.status_code < 400)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||||
@limiter.limit("10/minute;100/hour;200/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@is_not_permabanned
|
@is_not_permabanned
|
||||||
def edit_comment(cid, v):
|
def edit_comment(cid, v):
|
||||||
c = get_comment(cid, v=v)
|
c = get_comment(cid, v=v)
|
||||||
|
|
|
@ -686,8 +686,8 @@ def submit_post(v, sub=None):
|
||||||
@app.post("/delete/post/<int:pid>")
|
@app.post("/delete/post/<int:pid>")
|
||||||
@limiter.limit('1/second', scope=rpath)
|
@limiter.limit('1/second', scope=rpath)
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@auth_required
|
@auth_required
|
||||||
def delete_post_pid(pid, v):
|
def delete_post_pid(pid, v):
|
||||||
p = get_post(pid)
|
p = get_post(pid)
|
||||||
|
@ -950,8 +950,8 @@ def get_post_title(v):
|
||||||
@app.post("/edit_post/<int:pid>")
|
@app.post("/edit_post/<int:pid>")
|
||||||
@limiter.limit('1/second', scope=rpath)
|
@limiter.limit('1/second', scope=rpath)
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
@limiter.limit("10/minute;100/hour;200/day", deduct_when=lambda response: response.status_code < 400)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||||
@limiter.limit("10/minute;100/hour;200/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit(DELETE_EDIT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@is_not_permabanned
|
@is_not_permabanned
|
||||||
def edit_post(pid, v):
|
def edit_post(pid, v):
|
||||||
p = get_post(pid)
|
p = get_post(pid)
|
||||||
|
|
Loading…
Reference in New Issue