aboutsummaryrefslogtreecommitdiffstats
path: root/src/routes
diff options
context:
space:
mode:
authorMatt Strapp <matt@mattstrapp.net>2022-02-14 20:30:14 -0600
committerMatt Strapp <matt@mattstrapp.net>2022-02-14 20:31:25 -0600
commit04ee5840c849673b2f798f1435427e6f2596b2db (patch)
tree686af0e11ced8c5d9426a1537b0e8decee397d69 /src/routes
parentMake responses more clear (diff)
downloadee4511w-web-04ee5840c849673b2f798f1435427e6f2596b2db.tar
ee4511w-web-04ee5840c849673b2f798f1435427e6f2596b2db.tar.gz
ee4511w-web-04ee5840c849673b2f798f1435427e6f2596b2db.tar.bz2
ee4511w-web-04ee5840c849673b2f798f1435427e6f2596b2db.tar.lz
ee4511w-web-04ee5840c849673b2f798f1435427e6f2596b2db.tar.xz
ee4511w-web-04ee5840c849673b2f798f1435427e6f2596b2db.tar.zst
ee4511w-web-04ee5840c849673b2f798f1435427e6f2596b2db.zip
Remove redundant rate limiter
Signed-off-by: Matt Strapp <matt@mattstrapp.net>
Diffstat (limited to '')
-rw-r--r--src/routes/api.ts11
1 files changed, 1 insertions, 10 deletions
diff --git a/src/routes/api.ts b/src/routes/api.ts
index 015bd45..4d55626 100644
--- a/src/routes/api.ts
+++ b/src/routes/api.ts
@@ -3,7 +3,6 @@ import express, { Request, Response } from 'express';
import csurf from 'csurf';
import cookieParser from 'cookie-parser';
import fileUpload, { UploadedFile } from 'express-fileupload';
-import rateLimit from 'express-rate-limit';
// For executing the python scripts
import { access, stat } from 'fs/promises';
import { Stats } from 'fs';
@@ -22,15 +21,6 @@ api.use(fileUpload({
debug: false, // Log debug information
}));
-// Slow down frequent requests to prevent DoS attacks
-const rateLimiter = rateLimit({
- windowMs: 1 * 60 * 1000, // 1 minute
- max: 10, // Limit each IP to 10 requests per `window` (here, per 1 minutes)
- standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
- legacyHeaders: false, // Disable the `X-RateLimit-*` headers
-});
-api.use(rateLimiter);
-
// CSRF protection
api.use(cookieParser());
const csrf = csurf({ cookie: true });
@@ -111,6 +101,7 @@ api.route('/upload')
*/
api.route('/actuate')
+ // file deepcode ignore NoRateLimitingForExpensiveWebOperation: This is already rate limited by the website, so we don't need to do it again
.post(csrf, async (req: Request, res: Response) => {
// Make sure the file being requested to run exists
try {