cv-site

txeo/cv-site

Fork 0

Commit Graph

Author	SHA1	Message	Date
juanatsap	ea6ccf9cdd	feat: add origin validation and rate limiting for PDF endpoint Security enhancements: - Implement origin/referer validation middleware - Add rate limiting (3 requests/min per IP) - Default to production domain (juan.andres.morenorub.io) - Verify all protection mechanisms working correctly Documentation updates: - Update README to reflect personal portfolio nature - Remove template encouragement from README - Add verification status to API-PROTECTION.md - Document ALLOWED_ORIGINS configuration in .env.example Cleanup: - Remove templates.backup/ folder - Remove old test screenshots	2025-11-09 14:13:22 +00:00
juanatsap	24b2401519	feat: add origin validation and rate limiting for PDF endpoint - Implemented origin checker middleware to prevent external sites from hotlinking the PDF generation endpoint - Added rate limiter (3 requests per minute per IP) to protect resource-intensive PDF operations - Configured allowed origins via ALLOWED_ORIGINS environment variable with localhost defaults for development	2025-11-09 14:00:10 +00:00
juanatsap	584cfe05b1	refactor: consolidate documentation into main README - Removed redundant documentation files (ADDING-YOUR-PHOTO.md, ARCHITECTURE.md, DEPLOYMENT_SETUP.md) - Moved essential information into the primary README for better discoverability - Streamlined documentation structure to reduce maintenance overhead	2025-11-08 10:34:43 +00:00

Author

SHA1

Message

Date

juanatsap

ea6ccf9cdd

feat: add origin validation and rate limiting for PDF endpoint

Security enhancements:
- Implement origin/referer validation middleware
- Add rate limiting (3 requests/min per IP)
- Default to production domain (juan.andres.morenorub.io)
- Verify all protection mechanisms working correctly

Documentation updates:
- Update README to reflect personal portfolio nature
- Remove template encouragement from README
- Add verification status to API-PROTECTION.md
- Document ALLOWED_ORIGINS configuration in .env.example

Cleanup:
- Remove templates.backup/ folder
- Remove old test screenshots

2025-11-09 14:13:22 +00:00

juanatsap

24b2401519

feat: add origin validation and rate limiting for PDF endpoint

- Implemented origin checker middleware to prevent external sites from hotlinking the PDF generation endpoint
- Added rate limiter (3 requests per minute per IP) to protect resource-intensive PDF operations
- Configured allowed origins via ALLOWED_ORIGINS environment variable with localhost defaults for development

2025-11-09 14:00:10 +00:00

juanatsap

584cfe05b1

refactor: consolidate documentation into main README

- Removed redundant documentation files (ADDING-YOUR-PHOTO.md, ARCHITECTURE.md, DEPLOYMENT_SETUP.md)
- Moved essential information into the primary README for better discoverability
- Streamlined documentation structure to reduce maintenance overhead

2025-11-08 10:34:43 +00:00

3 Commits