Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
40,274 Commits 244 Branches 502 Tags 900 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Roman Rizzi 835d2be4da
FIX: Rate limit and hijack certificate generation. (#8215) 
To eliminate a DDOS attack vector, we're taking the following measures:

The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
A 24 hours max-age cache header is sent with the response.
The route will be hijacked to generate the certificate in the background.
 2019-10-21 13:14:15 -03:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files 
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
 2019-05-13 09:31:32 +08:00
Guo Xiang Tan b0c8fdd7da FIX: Properly support defaults for upload site settings. 2019-03-13 16:36:57 +08:00
Guo Xiang Tan 07d07c7b5f FIX: Make Discobot certificate route require login. 2018-08-20 11:22:59 +08:00