We have two API endpoints currently. One for generating a dynamic, open graph image used for metadata and another for sending an email when feedback is received. Since we have no sessions/rate limiting, someone can spam these APIs to cause massive email spam.
We should consider adding some form of rate-limiting middleware to prevent this.
We have two API endpoints currently. One for generating a dynamic, open graph image used for metadata and another for sending an email when feedback is received. Since we have no sessions/rate limiting, someone can spam these APIs to cause massive email spam.
We should consider adding some form of rate-limiting middleware to prevent this.