update hitman post with slug guard
This commit is contained in:
Joe Ardent
parent
d72bfc5e2b
commit
6ab8c71b11
1 changed files with 7 additions and 0 deletions
|
|
@ -2,6 +2,7 @@
|
||||||
title = "Hitman: another fine essential sundry service from Nebcorp Heavy Industries and Sundries"
|
title = "Hitman: another fine essential sundry service from Nebcorp Heavy Industries and Sundries"
|
||||||
slug = "hitman"
|
slug = "hitman"
|
||||||
date = "2024-03-31"
|
date = "2024-03-31"
|
||||||
|
updated = "2024-03-31"
|
||||||
[taxonomies]
|
[taxonomies]
|
||||||
tags = ["software", "sundry", "proclamation", "90s", "hitman", "web"]
|
tags = ["software", "sundry", "proclamation", "90s", "hitman", "web"]
|
||||||
+++
|
+++
|
||||||
|
|
@ -76,6 +77,12 @@ but the `Origin` headers can be trivially forged. On the other hand, the worst s
|
||||||
add a bunch of junk to my DB, and I don't care about the data that much; this is all just for
|
add a bunch of junk to my DB, and I don't care about the data that much; this is all just for
|
||||||
funsies, anyway!
|
funsies, anyway!
|
||||||
|
|
||||||
|
Still, after writing this out, I realized that someone could send a bunch of junk slugs and hence
|
||||||
|
fill my disk from a single IP, so I [added a check against a set of allowed
|
||||||
|
slugs](https://git.kittencollective.com/nebkor/hitman/commit/89a985e96098731e5e8691fd84776c1592b6184b)
|
||||||
|
to guard against that. Beyond that, I'd need to start thinking about being robust against a targeted
|
||||||
|
and relatively sophisticated distributed attack, and it's definitely not worth it.
|
||||||
|
|
||||||
## The front end
|
## The front end
|
||||||
|
|
||||||
I mentioned that this blog is made using Zola, a static site generator. Zola has a built-in
|
I mentioned that this blog is made using Zola, a static site generator. Zola has a built-in
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue