encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-29 13:04:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Throttles now use HTTP_X_FORWARDED_FOR, falling back to REMOTE_ADDR to identify anonymous requests

Browse Source
This commit is contained in:
Tom Christie 2013-08-28 15:32:41 +01:00
parent 711fb9761c
commit 2d5e14a8d3
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
rest_framework/throttling.py
View File

@ -152,7 +152,9 @@ class AnonRateThrottle(SimpleRateThrottle):
if request.user.is_authenticated(): if request.user.is_authenticated():
return None # Only throttle unauthenticated requests. return None # Only throttle unauthenticated requests.
ident = request.META.get('REMOTE_ADDR', None) ident = request.META.get('HTTP_X_FORWARDED_FOR')
if ident is None:
ident = request.META.get('REMOTE_ADDR')
return self.cache_format % { return self.cache_format % {
'scope': self.scope, 'scope': self.scope,