txeo/cv-site
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: restore rate limiting and fix language switch links

Browse Source 
Security:
- Restore PDF endpoint rate limiting (3 requests/minute)
- Keep security headers middleware (CSP, HSTS, X-Frame-Options)
- Keep origin checker for PDF endpoint
- Restore recovery and logger middleware

Links:
- Fix 'CV in [language]' links to use relative URLs (/?lang=)
- Now correctly navigates to page instead of downloading
- PDF download links remain as full URLs for direct download

Simplifications:
- Remove unused advanced middleware (not yet implemented)
- Use simpler 2-parameter rate limiter constructor
- Remove unused strconv import
This commit is contained in:
juanatsap
2025-11-12 09:51:38 +00:00
parent 6eee66e3e2
commit d9b909bd7e
3 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
main.go
+1
View File
@@ -75,6 +75,7 @@ func main() {
// Create rate limiter for PDF endpoint
// Allow 3 PDF generations per minute per IP
pdfRateLimiter := middleware.NewRateLimiter(3, 1*time.Minute)
log.Printf("🔒 Rate limiter enabled for PDF endpoint (3 requests/minute)")
// Routes
mux.HandleFunc("/", cvHandler.Home)