Skip to content

Commit

Permalink
Revert "Add rate limiting to cves"
Browse files Browse the repository at this point in the history
  • Loading branch information
@mtruj013
mtruj013 committed May 24, 2024
1 parent 6321cc3 commit f99bc3d
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 35 deletions.
31 changes: 3 additions & 28 deletions webapp/context.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
import logging
import json
import numpy
from functools import wraps
from urllib.parse import parse_qs, urlencode

# Packages
Expand All @@ -15,10 +14,6 @@
import dateutil.parser
from slugify import slugify
from canonicalwebteam.http import CachedSession
from limits import storage, strategies, parse

memory_storage = storage.MemoryStorage()
fixed_window = strategies.MovingWindowRateLimiter(memory_storage)


logger = logging.getLogger(__name__)
Expand Down Expand Up @@ -196,27 +191,7 @@ def date_has_passed(date_str):
def sort_by_key_and_ordered_list(list_to_sort, obj_key, ordered_list):
return sorted(
list_to_sort,
key=lambda item: (
ordered_list.index(item[obj_key])
if item[obj_key] in ordered_list
else len(ordered_list)
),
key=lambda item: ordered_list.index(item[obj_key])
if item[obj_key] in ordered_list
else len(ordered_list),
)


def add_rate_limiting(request_limit="100/hour"):
# Rate limit requests to protect from spamming
# To adjust this rate visit
# https://limits.readthedocs.io/en/latest/quickstart.html#examples
def decorator(fn):
@wraps(fn)
def wrapper(*args, **kwargs):
limit = parse(request_limit)
rate_limit = fixed_window.hit(limit)
if not rate_limit:
return flask.abort(429, f"The rate limit is: {request_limit}")
return fn(*args, **kwargs)

return wrapper

return decorator
11 changes: 4 additions & 7 deletions webapp/security/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
from sortedcontainers import SortedDict

# Local
from webapp.context import add_rate_limiting, api_session
from webapp.context import api_session
from webapp.security.api import SecurityAPI

markdown_parser = Markdown(
Expand All @@ -36,7 +36,6 @@ def get_processed_details(notice):
)


@add_rate_limiting(request_limit="80/hour")
def notice(notice_id):
# Check if notice_id is a valid USN or LSN
if re.fullmatch(r"(USN|LSN|SSN)-\d{1,5}-\d{1,2}", notice_id):
Expand Down Expand Up @@ -118,7 +117,6 @@ def notice(notice_id):
return flask.render_template(template, notice=notice)


@add_rate_limiting(request_limit="80/hour")
def notices():
details = flask.request.args.get("details", type=str)
release = flask.request.args.get("release", type=str)
Expand Down Expand Up @@ -249,9 +247,9 @@ def single_notices_sitemap(offset):
links.append(
{
"url": f"https://ubuntu.com/security/notices/{notice_id}",
"last_updated": (
notice["published"] if notice["published"] else ""
),
"last_updated": notice["published"]
if notice["published"]
else "",
}
)

Expand Down Expand Up @@ -405,7 +403,6 @@ def cve_index():
)


@add_rate_limiting(request_limit="80/hour")
def cve(cve_id):
"""
Retrieve and display an individual CVE details page
Expand Down

0 comments on commit f99bc3d

Please sign in to comment.