Rate limiting improvement

dpotkoc · dpotkoc · commit a4416caa4450 · 2024-03-07T11:10:59.000+01:00
diff --git a/Model/FrontControllerPlugin.php b/Model/FrontControllerPlugin.php
@@ -135,7 +135,7 @@ public function aroundDispatch(FrontControllerInterface $subject, callable $proc
             return $proceed(...$args);
         }
 
-        $path = strtolower($this->request->getPathInfo());
+        $path = strtolower($this->request->getRequestUri());
 
         if ($isRateLimitingEnabled && $this->sensitivePathProtection($path)) {
             return $this->response;
@@ -167,7 +167,8 @@ private function sensitivePathProtection($path)
 
         $limit = false;
         foreach ($limitedPaths as $key => $value) {
-            if (preg_match('{' . $value->path . '}i', $path) == 1) {
+            $value->path = str_replace("#", "\#", $value->path);
+            if (preg_match('#' . $value->path . '#i', $path)) {
                 $limit = true;
                 break;
             }
