From 8fa78c0ec8bcdacc824c95e5f7a9faac988c1c92 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Tue, 31 Mar 2020 18:20:48 +0200
Subject: [PATCH] Fix re-sending of e-mail confirmation not being rate limited
 (#13360)

Fix #13330
---
 config/initializers/rack_attack.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index 8bc1104d43..09458c5406 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -42,6 +42,7 @@ class Rack::Attack
     /auth/sign_in
     /auth
     /auth/password
+    /auth/confirmation
   ).freeze
 
   PROTECTED_PATHS_REGEX = Regexp.union(PROTECTED_PATHS.map { |path| /\A#{Regexp.escape(path)}/ })