FEATURE: cache https redirects per hostname

If a hostname does an https redirect we cache that so next lookup does not incur it. Also, only rate limit per ip once per final destination Raise final destination protection to 1000 ip lookups an hour
2025-02-25 18:55:32 -06:00 · 2017-10-17 16:22:38 +11:00
parent 646c6eb7cd
commit 8185b8cb06
2 changed files with 60 additions and 4 deletions
--- a/spec/components/final_destination_spec.rb
+++ b/spec/components/final_destination_spec.rb
@@ -20,6 +20,7 @@ describe FinalDestination do
        when 'internal-ipv6.com' then '2001:abc:de:01:3:3d0:6a65:c2bf'
        when 'ignore-me.com' then '53.84.143.152'
        when 'force.get.com' then '22.102.29.40'
+        when 'wikipedia.com' then '1.2.3.4'
        else
          as_ip = IPAddr.new(host) rescue nil
          raise "couldn't lookup #{host}" if as_ip.nil?
@@ -308,6 +309,27 @@ describe FinalDestination do
    end
  end

+  describe "https cache" do
+    it 'will cache https lookups' do
+
+      FinalDestination.clear_https_cache!("wikipedia.com")
+
+      stub_request(:head, "http://wikipedia.com/image.png")
+        .to_return(status: 302, body: "", headers: { location: 'https://wikipedia.com/image.png' })
+      stub_request(:head, "https://wikipedia.com/image.png")
+        .to_return(status: 200, body: "", headers: [])
+      stub_request(:get, "https://wikipedia.com/image.png").to_return(status: 200, body: "", headers: {})
+
+      fd('http://wikipedia.com/image.png').resolve
+
+      stub_request(:head, "https://wikipedia.com/image2.png")
+        .to_return(status: 200, body: "", headers: [])
+      stub_request(:get, "https://wikipedia.com/image2.png").to_return(status: 200, body: "", headers: {})
+
+      fd('http://wikipedia.com/image2.png').resolve
+    end
+  end
+
  describe "#escape_url" do
    it "correctly escapes url" do
      fragment_url = "https://eviltrout.com/2016/02/25/fixing-android-performance.html#discourse-comments"