github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-12 18:03:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
35,289 Commits 214 Branches 500 Tags 960 MiB
a6aada16bd
Commit Graph

4 Commits

Author SHA1 Message Date
Roman Rizzi
835d2be4da
FIX: Rate limit and hijack certificate generation. (#8215) 
To eliminate a DDOS attack vector, we're taking the following measures:

The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
A 24 hours max-age cache header is sent with the response.
The route will be hijacked to generate the certificate in the background.
 2019-10-21 13:14:15 -03:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files 
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
 2019-05-13 09:31:32 +08:00
Guo Xiang Tan
b0c8fdd7da FIX: Properly support defaults for upload site settings. 2019-03-13 16:36:57 +08:00
Guo Xiang Tan
07d07c7b5f FIX: Make Discobot certificate route require login. 2018-08-20 11:22:59 +08:00