From 43d3304ed6502bd78bf989c2c4ce7f8882fe9c66 Mon Sep 17 00:00:00 2001
From: Aaron Schulz <aschulz@wikimedia.org>
Date: Wed, 25 Sep 2013 10:58:30 -0700
Subject: [PATCH] Support rate-limiting thumbnail generation

* Added some rate limit comments

Change-Id: I987bb5d0ed8821d64131baefd4457acd25678818
---
 includes/DefaultSettings.php | 13 ++++++++++---
 thumb.php                    |  6 ++++++
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 5b1d4b3089..48e6efce7d 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -4647,13 +4647,20 @@ $wgRateLimits = array(
 		'ip' => null,
 		'subnet' => null,
 	),
-	'mailpassword' => array(
+	'mailpassword' => array( // triggering password resets emails
 		'anon' => null,
 	),
-	'emailuser' => array(
+	'emailuser' => array( // emailing other users using MediaWiki
 		'user' => null,
 	),
-	'linkpurge' => array(
+	'linkpurge' => array( // purges of link tables
+		'anon' => null,
+		'user' => null,
+		'newbie' => null,
+		'ip' => null,
+		'subnet' => null,
+	),
+	'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
 		'anon' => null,
 		'user' => null,
 		'newbie' => null,
diff --git a/thumb.php b/thumb.php
index ef2af24939..f89618079d 100644
--- a/thumb.php
+++ b/thumb.php
@@ -304,6 +304,12 @@ function wfStreamThumb( array $params ) {
 		return;
 	}
 
+	$user = RequestContext::getMain()->getUser();
+	if ( $user->pingLimiter( 'renderfile' ) ) {
+		wfThumbError( 500, wfMessage( 'actionthrottledtext' ) );
+		return;
+	}
+
 	// Thumbnail isn't already there, so create the new thumbnail...
 	try {
 		$thumb = $img->transform( $params, File::RENDER_NOW );
-- 
2.20.1