RE: [Steemplus API] [v1.0] [Bug-Report] DOS Vulnerability in the API caused by the SPP-Job
Hello @mwfiae,
This is a really good, extensively written report.
- The criticality is critical; it affects the resource monitoring majorly and can impact high unnecessary usage.
- You proposed a solution; even if it was discarded, it was a good initiative. You should try to inform the PO before starting on the fix that you're on it and get assigned to the issue. This resolves problems like 2 people working on the same project.
- Other solutions could be to filter requests based on the `origin` header.
The cronjob was the perfect solution. Thanks for including it in your report as well.
This report is very valuable and that's why I'll be staff-picking it from the Bug-hunting category.
Thank you for contributing to this project.
Your contribution has been evaluated according to Utopian policies and guidelines, as well as a predefined set of questions pertaining to the category.
[utopian-moderator]
Thank you very much for the review and the staff-pick! :)
It's a shame that the pull request wasn't merged because I mentioned it a few times... But I could have better used the GitHub features to make it clearer and will certainly pay more attention next time :)
Ultimately it was only a few lines of code, so hopefully it didn't cost stoodkev too much time to reimplement it.
Also thank you for your valuable feedback! I need to make sure to read more about the origin header :)
Greetings,
Mw
Thank you for your review, @sachincool!
So far this week you've reviewed 1 contribution. Keep up the good work!