You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, this project does not implement any timeouts whatsoever.
Depending on a number of factors, a malicious client may be able to consume all open sockets and/or available bandwidth, so that no legitimate client may be able to use this server anymore.
As such, it's probably safer to deploy this behind a reverse proxy such as nginx or haproxy if you want to open this to a broader public (aka the internet).
This ticket aims to serve as a base to discuss, evaluate and subsequently implement reasonable limits so that this is no longer needed.
The text was updated successfully, but these errors were encountered:
I'm closing this for now as it hasn't received any input in a while and I have no plans to change this myself anytime soon and I'm not sure there's an issue in the first place. Please come back if you feel this is still an issue and we can reopen this 👍
Currently, this project does not implement any timeouts whatsoever.
Depending on a number of factors, a malicious client may be able to consume all open sockets and/or available bandwidth, so that no legitimate client may be able to use this server anymore.
As such, it's probably safer to deploy this behind a reverse proxy such as nginx or haproxy if you want to open this to a broader public (aka the internet).
This ticket aims to serve as a base to discuss, evaluate and subsequently implement reasonable limits so that this is no longer needed.
The text was updated successfully, but these errors were encountered: