gaschz/trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-20 15:19:01 +02:00
Code Issues Actions 19 Packages Projects Releases Wiki Activity

fix(api): also rate limit etapi docs endpoint (#6352)

Browse Source
This commit is contained in:
Elian Doran 2025-07-15 17:06:52 +03:00 committed by GitHub
commit 86f90e6685
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
apps/server/src/etapi/spec.ts
View File

@ -3,12 +3,18 @@ import type { Router } from "express";
import fs from "fs"; import fs from "fs";
import path from "path"; import path from "path";
import { RESOURCE_DIR } from "../services/resource_dir"; import { RESOURCE_DIR } from "../services/resource_dir";
import rateLimit from "express-rate-limit";
const specPath = path.join(RESOURCE_DIR, "etapi.openapi.yaml"); const specPath = path.join(RESOURCE_DIR, "etapi.openapi.yaml");
let spec: string | null = null; let spec: string | null = null;
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // limit each IP to 100 requests per windowMs
});
function register(router: Router) { function register(router: Router) {
router.get("/etapi/etapi.openapi.yaml", (_, res) => { router.get("/etapi/etapi.openapi.yaml", limiter, (_, res) => {
if (!spec) { if (!spec) {
spec = fs.readFileSync(specPath, "utf8"); spec = fs.readFileSync(specPath, "utf8");
} }