From 6ab8c71b11bde194b8f2e4dbbcddfdac5be89c14 Mon Sep 17 00:00:00 2001
From: Joe Ardent
Date: Sun, 31 Mar 2024 17:36:08 -0700
Subject: [PATCH] update hitman post with slug guard

---
 content/sundries/hitman/index.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/content/sundries/hitman/index.md b/content/sundries/hitman/index.md
index e0ff640..2aae19a 100644
--- a/content/sundries/hitman/index.md
+++ b/content/sundries/hitman/index.md
@@ -2,6 +2,7 @@
 title = "Hitman: another fine essential sundry service from Nebcorp Heavy Industries and Sundries"
 slug = "hitman"
 date = "2024-03-31"
+updated = "2024-03-31"
 [taxonomies]
 tags = ["software", "sundry", "proclamation", "90s", "hitman", "web"]
 +++
@@ -76,6 +77,12 @@ but the `Origin` headers can be trivially forged. On the other hand, the worst s
 add a bunch of junk to my DB, and I don't care about the data that much; this is all just for
 funsies, anyway!
 
+Still, after writing this out, I realized that someone could send a bunch of junk slugs and hence
+fill my disk from a single IP, so I [added a check against a set of allowed
+slugs](https://git.kittencollective.com/nebkor/hitman/commit/89a985e96098731e5e8691fd84776c1592b6184b)
+to guard against that. Beyond that, I'd need to start thinking about being robust against a targeted
+and relatively sophisticated distributed attack, and it's definitely not worth it.
+
 ## The front end
 
 I mentioned that this blog is made using Zola, a static site generator. Zola has a built-in