ratelimit doesn't filter requests very well

Bug #1669888 reported by John Dickinson on 2017-03-03
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Object Storage (swift)
Low
Unassigned

Bug Description

The ratelimit middleware attempts to rate limit a request if the request patch has at least 4 elements delineated by a '/'. It attempts to do account HEAD requests to the second element.

If the ratelimit middleware is placed before pipeline elements that mutate the path (eg swift3, domain_remap), then the ratelimit middleware ends up generating a lot of spurious subrequests that will fail.

At a minimum, we should better document what ratelimit is looking for and/or where it should be in the pipeline. We should also probably filter the first element of split_path() in ratelimit to look for valid swift api versions (swift.conf 'valid_api_versions').

tags: added: low-hanging-fruit
Changed in swift:
importance: Undecided → Low
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers