Description
The rate limiting constants in components/log-viewer-webui/server/src/fastify-v2/app.ts are currently hardcoded and should be made configurable via environment variables for better flexibility in different deployment environments.
Current Hardcoded Values
const RATE_LIMIT_MAX_REQUESTS = 3;
const RATE_LIMIT_TIME_WINDOW_MS = 500;
These constants are used in the 404 Not Found handler rate limiting configuration to prevent URL enumeration attacks.
Proposed Solution
Add environment variables to the existing configuration schema in src/fastify-v2/plugins/external/env.ts:
RATE_LIMIT_404_MAX_REQUESTS (default: 3)RATE_LIMIT_404_TIME_WINDOW_MS (default: 500)
References
Description
The rate limiting constants in
components/log-viewer-webui/server/src/fastify-v2/app.tsare currently hardcoded and should be made configurable via environment variables for better flexibility in different deployment environments.Current Hardcoded Values
These constants are used in the 404 Not Found handler rate limiting configuration to prevent URL enumeration attacks.
Proposed Solution
Add environment variables to the existing configuration schema in
src/fastify-v2/plugins/external/env.ts:RATE_LIMIT_404_MAX_REQUESTS(default: 3)RATE_LIMIT_404_TIME_WINDOW_MS(default: 500)References