From 9241cbf8616cc58e0b909326a767fc59be9a9d58 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 31 Mar 2020 18:20:48 +0200 Subject: [PATCH] Fix re-sending of e-mail confirmation not being rate limited (#13360) Fix #13330 --- config/initializers/rack_attack.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index 8bc1104d4..09458c540 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -42,6 +42,7 @@ class Rack::Attack /auth/sign_in /auth /auth/password + /auth/confirmation ).freeze PROTECTED_PATHS_REGEX = Regexp.union(PROTECTED_PATHS.map { |path| /\A#{Regexp.escape(path)}/ })