Closed
Bug 697245
Opened 13 years ago
Closed 11 years ago
Login should ratelimit on POST requests only
Categories
(addons.mozilla.org Graveyard :: Public Pages, defect)
addons.mozilla.org Graveyard
Public Pages
Tracking
(Not tracked)
RESOLVED
WONTFIX
4.x (triaged)
People
(Reporter: cvan, Unassigned)
Details
Login page is ratelimited such that there is an allowed maximum of 15 requests per minute. This includes both GET and POST. We should be ratelimiting upon POST requests only.
Reporter | ||
Updated•13 years ago
|
Assignee: nobody → cwiemeersch
Target Milestone: --- → 6.2.9
Reporter | ||
Updated•13 years ago
|
Target Milestone: 6.2.9 → 6.3.0
Reporter | ||
Updated•13 years ago
|
Target Milestone: 6.3.0 → 6.3.2
Reporter | ||
Comment 1•13 years ago
|
||
Pushing this back since ratelimiting is still disabled.
Target Milestone: 6.3.2 → 6.3.4
Updated•13 years ago
|
Target Milestone: 6.3.4 → 6.3.3
Reporter | ||
Comment 2•13 years ago
|
||
I'll worry about this when the new login page goes live (bug 560978).
Target Milestone: 6.3.3 → 4.x (triaged)
Reporter | ||
Updated•12 years ago
|
Assignee: cvan → nobody
Comment 3•11 years ago
|
||
I don't mind GET being limited
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
Reporter | ||
Comment 4•11 years ago
|
||
We removed ratelimiting altogether. But ratelimiting GET was causing QA headaches.
Comment 5•11 years ago
|
||
good point
Assignee | ||
Updated•8 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•