Skip to content

fix: apply global rate limiting in CSP demo server to satisfy CodeQL#32923

Merged
EugeniyKiyashko merged 1 commit intoDevExpress:26_1from
EugeniyKiyashko:26_1_rate_3
Mar 16, 2026
Merged

fix: apply global rate limiting in CSP demo server to satisfy CodeQL#32923
EugeniyKiyashko merged 1 commit intoDevExpress:26_1from
EugeniyKiyashko:26_1_rate_3

Conversation

@EugeniyKiyashko
Copy link
Contributor

@EugeniyKiyashko EugeniyKiyashko commented Mar 16, 2026

No description provided.

@EugeniyKiyashko EugeniyKiyashko self-assigned this Mar 16, 2026
Copilot AI review requested due to automatic review settings March 16, 2026 10:16
Copilot AI reviewed Mar 16, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the CSP demo Express server to apply rate limiting globally (instead of per-route) to address CodeQL findings in the demo server used by CSP validation checks.

Changes:

  • Register the rate limiter as a global Express middleware.
  • Remove per-route rateLimiter usage from CSP endpoints and demo index routes.
  • Rely on the global limiter to cover static file serving as well.

@EugeniyKiyashko EugeniyKiyashko merged commit 066838b into DevExpress:26_1 Mar 16, 2026
156 of 158 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@alexslavr alexslavr alexslavr approved these changes

@dmlvr dmlvr dmlvr approved these changes

Assignees

@EugeniyKiyashko EugeniyKiyashko

Labels

26_1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@EugeniyKiyashko @alexslavr @dmlvr