From 45d7c7a5e63b875921388222d182f4e32e3b6792 Mon Sep 17 00:00:00 2001 From: Jeffrey Lembeck Date: Mon, 13 Dec 2021 13:28:54 -0800 Subject: [PATCH 1/2] fix(rate-limit): Use setting for anon max --- www/runtest.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/www/runtest.php b/www/runtest.php index 24c05fcdce..85e68c0fec 100644 --- a/www/runtest.php +++ b/www/runtest.php @@ -3087,7 +3087,8 @@ function CheckRateLimit($test, &$error) { $runcount = max(1, $test['runs']); $multiplier = $test['fvonly'] ? 1 : 2; $total_runs = $runcount * $multiplier; - $cmrl = new CheckMonthlyRateLimit($test['ip']); + $monthly_limit = GetSetting('rate_limit_anon_monthly') ? GetSetting('rate_limit_anon_monthly') : 50; + $cmrl = new CheckMonthlyRateLimit($test['ip'], $monthly_limit); $passesMonthly = $cmrl->check($total_runs); if(!$passesMonthly) { From bfc4331e022d7082a8b477c5be648f842cea3b69 Mon Sep 17 00:00:00 2001 From: Jeff Lembeck Date: Mon, 13 Dec 2021 17:45:42 -0800 Subject: [PATCH 2/2] Update www/runtest.php Co-authored-by: Anthony Ricaud --- www/runtest.php | 72 ++++++++++++++++++++++++------------------------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/www/runtest.php b/www/runtest.php index 85e68c0fec..cccd3c461a 100644 --- a/www/runtest.php +++ b/www/runtest.php @@ -3087,27 +3087,27 @@ function CheckRateLimit($test, &$error) { $runcount = max(1, $test['runs']); $multiplier = $test['fvonly'] ? 1 : 2; $total_runs = $runcount * $multiplier; - $monthly_limit = GetSetting('rate_limit_anon_monthly') ? GetSetting('rate_limit_anon_monthly') : 50; + $monthly_limit = GetSetting('rate_limit_anon_monthly') ?: 50; $cmrl = new CheckMonthlyRateLimit($test['ip'], $monthly_limit); $passesMonthly = $cmrl->check($total_runs); - if(!$passesMonthly) { - $error = '

You\'ve reached the limit for logged-out tests this month, but don\'t worry! You can keep testing once you log in, which will give you access to other nice features like:

'; - $error .= << - var intervalId = setInterval(function () { - if(window["_gaq"]) { - clearInterval(intervalId); - window["_gaq"].push("_trackEvent", "Error", "RateLimit", "MonthlyLimitHit"); - } - }, 500); - -HTML; - $error .= loggedInPerks(); - $error .= loggedOutLoginForm(); - return false; - } - + if(!$passesMonthly) { + $error = '

You\'ve reached the limit for logged-out tests this month, but don\'t worry! You can keep testing once you log in, which will give you access to other nice features like:

'; + $error .= << + var intervalId = setInterval(function () { + if(window["_gaq"]) { + clearInterval(intervalId); + window["_gaq"].push("_trackEvent", "Error", "RateLimit", "MonthlyLimitHit"); + } + }, 500); + +HTML; + $error .= loggedInPerks(); + $error .= loggedOutLoginForm(); + return false; + } + // Enforce per-IP rate limits for testing $limit = GetSetting('rate_limit_anon', null); if (isset($limit) && $limit > 0) { @@ -3123,25 +3123,25 @@ function CheckRateLimit($test, &$error) { $register = GetSetting('saml_register'); $apiUrl = GetSetting('api_url'); $error = '

You\'ve reached the limit for logged-out tests per hour, but don\'t worry! You can keep testing once you log in, which will give you access to other nice features like:

'; - $error .= << - var intervalId = setInterval(function () { - if(window["_gaq"]) { - clearInterval(intervalId); - window["_gaq"].push("_trackEvent", "Error", "RateLimit", "HourlyLimitHit"); - } - }, 500); - -HTML; - - $error .= loggedInPerks(); - if ($supportsSaml && $register && $apiUrl) { + $error .= << + var intervalId = setInterval(function () { + if(window["_gaq"]) { + clearInterval(intervalId); + window["_gaq"].push("_trackEvent", "Error", "RateLimit", "HourlyLimitHit"); + } + }, 500); + +HTML; + + $error .= loggedInPerks(); + if ($supportsSaml && $register && $apiUrl) { $error .= "

And also, if you need to run tests programmatically you might be interested in the WebPageTest API

"; - } - $error .= loggedOutLoginForm(); - $ret = false; - } - } + } + $error .= loggedOutLoginForm(); + $ret = false; + } + } return $ret; }