discourse/lib/freedom_patches
Alan Guo Xiang Tan 2492fe7715
FIX: Set sane default for `Net::HTTP` when processing a request (#28141)
This commit patches `Net::HTTP` to reduce the default timeouts of 60
seconds when we are processing a request. There are certain routes in
Discourse which makes external requests and if the proper timeouts are
not set, we risk having the Unicorn master process force restarting the
Unicorn workers once the `30` seconds timeout is reached. This can
potentially become a vector for DoS attacks and this commit is aimed at
reducing the risk here.
2024-08-06 07:12:42 +08:00
..
active_record_attribute_methods.rb DEV: Clean up freedom patches 2022-04-06 10:07:14 +02:00
active_record_disable_serialization.rb DEV: Block accidental serialization of entire AR models (#27668) 2024-07-01 17:08:48 -03:00
ams_include_without_root.rb
copy_file.rb
cose_rsapkcs1.rb DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
fast_image.rb SECURITY: Add FastImage SSRF safe freedom patch 2024-07-03 20:49:15 +08:00
fast_pluck.rb DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
inflector_backport.rb DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
ip_addr.rb DEV: Fix various rubocop lints (#24749) 2023-12-06 23:25:00 +01:00
mail_disable_starttls.rb DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
net_http.rb FIX: Set sane default for `Net::HTTP` when processing a request (#28141) 2024-08-06 07:12:42 +08:00
rails4.rb DEV: Move distance_of_time_in_words/time_ago_in_words (#21745) 2023-05-25 14:53:59 +02:00
rails_multisite.rb DEV: Make multisite freedom patch compatible with Rails 7.1+ 2023-05-31 14:29:14 +02:00
rails_rack_logger_from_rails_7_2.rb DEV: Upgrade Rails to version 7.1 2024-07-04 10:58:21 +02:00
safe_buffer.rb DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
safe_migrations.rb DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
schema_migration_details.rb DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
sprockets_patches.rb DEV: Drop workbox dependency (#26735) 2024-04-24 10:19:12 +01:00
translate_accelerator.rb FEATURE: add Untranslated filter to admin text customization (#27555) 2024-06-24 06:24:06 -03:00
web_push_request.rb SECURITY: Monkey-patch web-push gem to use safer HTTP client 2023-03-16 15:27:09 -06:00