Update attack.rb

tablecheck · Nov 22, 2023 · dec27d2 · dec27d2
1 parent d32166f
commit dec27d2
Showing 1 changed file with 13 additions and 6 deletions.
diff --git a/lib/rack/attack.rb b/lib/rack/attack.rb
@@ -102,14 +102,21 @@ def initialize(app)
     end
 
     def call(env)
-      return @app.call(env) if !self.class.enabled || env["rack.attack.called"]
+      return @app.call(env) if handle_call(env)
+    end
+
+    private
+
+    # Returns true if call should be forwarded to middleware.
+    def handle_call(env)
+      return true if !self.class.enabled || env["rack.attack.called"]
 
       env["rack.attack.called"] = true
       env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
       request = Rack::Attack::Request.new(env)
 
       if configuration.safelisted?(request)
-        @app.call(env)
+        return true
       elsif configuration.blocklisted?(request)
         # Deprecated: Keeping blocklisted_response for backwards compatibility
         if configuration.blocklisted_response
@@ -126,14 +133,14 @@ def call(env)
         end
       else
         configuration.tracked?(request)
-        @app.call(env)
+        return true
       end
+
+      false
     rescue *allowed_errors
-      @app.call(request.env)
+      true
     end
 
-    private
-
     def allowed_errors
       errors = []
       errors << Dalli::DalliError if defined?(Dalli)