osr-discourse-src

Archived

This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.

History

Roman Rizzi 835d2be4da FIX: Rate limit and hijack certificate generation. (#8215 ) To eliminate a DDOS attack vector, we're taking the following measures: The endpoint will be rate-limited to 3 requests every 60 seconds (per user). A 24 hours max-age cache header is sent with the response. The route will be hijacked to generate the certificate in the background.	2019-10-21 13:14:15 -03:00
..
certificate_generator_spec.rb	FIX: Rate limit and hijack certificate generation. (#8215 )	2019-10-21 13:14:15 -03:00

Roman Rizzi 835d2be4da

FIX: Rate limit and hijack certificate generation. (#8215 )

To eliminate a DDOS attack vector, we're taking the following measures:

The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
A 24 hours max-age cache header is sent with the response.
The route will be hijacked to generate the certificate in the background.

2019-10-21 13:14:15 -03:00

certificate_generator_spec.rb

FIX: Rate limit and hijack certificate generation. (#8215 )

2019-10-21 13:14:15 -03:00