joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Rate limiter may reject requests that contain a session token (#8399)

Browse Source
This commit is contained in:
Daniel
2023-01-26 00:35:39 +11:00
committed by GitHub
parent 8f7a8f4c9d
commit c114dc8831
2 changed files with 34 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
spec/RateLimit.spec.js
View File

@@ -19,6 +19,27 @@ describe('rate limit', () => {
);
});
it('can limit cloud functions with user session token', async () => {
await Parse.User.signUp('myUser', 'password');
Parse.Cloud.define('test', () => 'Abc');
await reconfigureServer({
rateLimit: [
{
requestPath: '/functions/*',
requestTimeWindow: 10000,
requestCount: 1,
errorResponseMessage: 'Too many requests',
includeInternalRequests: true,
},
],
});
const response1 = await Parse.Cloud.run('test');
expect(response1).toBe('Abc');
await expectAsync(Parse.Cloud.run('test')).toBeRejectedWith(
new Parse.Error(Parse.Error.CONNECTION_FAILED, 'Too many requests')
);
});
it('can add global limit', async () => {
Parse.Cloud.define('test', () => 'Abc');
await reconfigureServer({