Security: rate limiting and flash messaging for partage share links

- Add rate limiting (5 submissions per IP per 10 min, per share link)
  to prevent abuse of shared submission endpoints
- Replace all plain die() error responses with styled flash messages
  and redirects (invalid slug, disabled link, expired link, wrong password,
  rate limit exceeded, CSRF failure)
- Add dedicated error page renderer for disabled/expired links with
  home page link
- Password gate now uses flash message via session redirect instead
  of inline error variable
Pontoporeia
2026-04-16 11:50:59 +02:00
parent 150099dc3c
commit b7be93e30b
2 changed files with 129 additions and 28 deletions

@@ -28,6 +28,6 @@
- [x] Implement delete link action
- [x] Copy-to-clipboard button for full partage URL
- [ ] Security and validation considerations
- [ ] Rate limiting on form submissions per share link
- [ ] Add flash messages / error handling for invalid/disabled/password-protected links
- [x] Security and validation considerations
- [x] Rate limiting on form submissions per share link — integrate RateLimit into partage index.php POST handler
- [x] Add flash messages / error handling for invalid/disabled/password-protected links — replace plain die() with styled error pages and flash messages
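Review bot: the checked "Rate limiting on form submissions per share link" line, and the "Security and validation considerations" parent that is closed with it, cover form submissions only. Nothing in this checklist tracks throttling of password attempts on password-protected links, although the commit message lists wrong-password handling among the flash messages. If password attempts are not counted by the same limiter, keep an open item for that instead of closing the parent. It would also help to record the limit given in the commit message (5 submissions per IP per 10 min, per share link) on the rate-limiting line, so the checklist can be compared against the handler later.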