Commit
Fix code scanning alert no. 2: Missing rate limiting (#37)
* Fix code scanning alert no. 2: Missing rate limiting

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update package-lock.json

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
1 parent ed2be5c commit 989fe1b
Showing 3 changed files with 26 additions and 3 deletions.
9 changes: 8 additions & 1 deletion main.cjs
Expand Up @@ -8,6 +8,7 @@ const JS7z = require("./libraries/js7z/js7z.cjs");
const crypto = require("crypto");

const express = require("express");
const RateLimit = require("express-rate-limit");
const DEFAULT_PORT = 8998;
const MIN_PORT = 1024; // Minimum valid port number
const MAX_PORT = 65535; // Maximum valid port number
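Review bot: the binding name `RateLimit` on the new require line is PascalCase, which reads as a class, yet the later hunk calls it as a plain factory (`RateLimit({ ... })`, without `new`). Consider the named export the package documents, `const { rateLimit } = require("express-rate-limit");`, so the call site reads as a function call.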
Expand Down Expand Up @@ -314,8 +315,14 @@ function createWindow() {
applog.info(`App started. Version ${version}`);
}

// Set up rate limiter: maximum of 100 requests per 15 minutes
const limiter = RateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // max 100 requests per windowMs
});

// Set up the express server to serve video files
expressApp.get("/video/:folderName/:fileName", (req, res) => {
expressApp.get("/video/:folderName/:fileName", limiter, (req, res) => {
const { folderName, fileName } = req.params;
const documentsPath = getSaveFolder();
const videoFolder = path.resolve(documentsPath, "video_files", folderName);
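Review bot: the limiter attached to `/video/:folderName/:fileName` sets only `windowMs` and `max`, so everything else is the library default, including counting per client IP, and 100 requests per 15 minutes is the whole budget for the route. This server is set up next to `createWindow()` in what package.json shows to be an Electron Forge app, so its client is presumably the app's own window connecting from one local address; if so, the limit acts as a single global cap on video loading, and once it is reached the user gets 429 responses until the window resets. Measure how many requests a normal session makes (every seek or reload of a video is another GET) and size `max` from that, or say in the comment why 100 is enough. Separately, `folderName` and `fileName` go from `req.params` straight into `path.resolve(documentsPath, "video_files", folderName)`; the rest of the handler is not shown in this hunk, so confirm it rejects a resolved path that falls outside `video_files`, since rate limiting does not address that.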
17 changes: 16 additions & 1 deletion package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion package.json
Expand Up @@ -46,7 +46,8 @@
"react-loading-skeleton": "^3.5.0",
"react-router-dom": "^7.1.1",
"sonner": "^1.7.1",
"wavesurfer.js": "^7.8.15"
"wavesurfer.js": "^7.8.15",
"express-rate-limit": "^7.5.0"
},
"devDependencies": {
"@electron-forge/cli": "^7.6.0",
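Review bot: `"express-rate-limit"` is appended after `"wavesurfer.js"` at the end of `dependencies`, while the visible entries (`react-loading-skeleton`, `react-router-dom`, `sonner`, `wavesurfer.js`) are in alphabetical order, which suggests the line was added by hand. Adding it with `npm install express-rate-limit` would put it in sorted position and update package-lock.json in the same step, avoiding the separate lockfile update the commit message mentions.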