Webhook spam causes Denial-of-Service #1

New issue

Closed

opened 2022-03-02 23:01:44 +00:00 by julia · 1 comment

julia commented 2022-03-02 23:01:44 +00:00

Copy link

I've seen some people spam the /submit endpoint, causing the Webhook to get ratelimited which will result in a Denial-of-Service of the send message function.
An easy way to fix this would be to check if the length < 1.
I may create a pull request once I have enough time to read myself into the code and write a patch.

I've seen some people spam the /submit endpoint, causing the Webhook to get ratelimited which will result in a Denial-of-Service of the send message function. An easy way to fix this would be to check if the length < 1. I may create a pull request once I have enough time to read myself into the code and write a patch.

julia commented 2022-03-02 23:03:58 +00:00

Author

Copy link

While I'm at it: It would be a good idea to check for the POST method and if any other method is used return a 405 Method Not Allowed error.

While I'm at it: It would be a good idea to check for the `POST` method and if any other method is used return a `405 Method Not Allowed` error.

Ghost referenced this issue from a pull request that will close it, 2022-03-02 23:17:25 +00:00

Fix your code #2

TheRed closed this issue 2022-03-09 20:50:58 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

No results found.

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: TheRed-Software/Website#1

No description provided.