cce9d216b8
- SSH rate limiter: wire SshRateLimiter into SSHServer with IP-based rate limiting on new_client connections - Room startup: cap initial room load at 1000 via limit() to prevent resource exhaustion on large instances - WS token exposure: only include token in URL for cross-origin connections; same-origin web clients authenticate via secure cookies - CSRF: confirmed SameSite::Lax + Secure + HttpOnly are all set (session config defaults) |
||
|---|---|---|
| .. | ||
| authz.rs | ||
| handle.rs | ||
| mod.rs | ||
| rate_limit.rs | ||
| server.rs | ||