encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-07-28 00:49:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

prevent Dos attacks

Browse Source
This commit is contained in:
jeagercoder 2022-07-26 14:36:08 +07:00
parent a1b35bb44b
commit dda46ee3fd
1 changed files with 2 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
rest_framework/throttling.py
View File

@ -22,22 +22,10 @@ class BaseThrottle:
def get_ident(self, request): def get_ident(self, request):
""" """
Identify the machine making the request by parsing HTTP_X_FORWARDED_FOR Identify the machine making the request with the REMOTE_ADDR variable in the wsgi environment.
if present and number of proxies is > 0. If not use all of
HTTP_X_FORWARDED_FOR if it is available, if not use REMOTE_ADDR.
""" """
xff = request.META.get('HTTP_X_FORWARDED_FOR')
remote_addr = request.META.get('REMOTE_ADDR') remote_addr = request.META.get('REMOTE_ADDR')
num_proxies = api_settings.NUM_PROXIES return remote_addr
if num_proxies is not None:
if num_proxies == 0 or xff is None:
return remote_addr
addrs = xff.split(',')
client_addr = addrs[-min(num_proxies, len(addrs))]
return client_addr.strip()
return ''.join(xff.split()) if xff else remote_addr
def wait(self): def wait(self):
""" """