fix: rate limiter was blocking all /api/cats reads after 10 requests
uploadLimiter now only applies to POST /api/cats (uploads), not GET reads — previously users were getting 429 after ~10 page navigations. Also remove duplicate file input in ProfilePage and cancel stale rAF on route transition cleanup. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -54,7 +54,11 @@ async function main() {
|
||||
standardHeaders: true,
|
||||
legacyHeaders: false,
|
||||
});
|
||||
app.use('/api/cats', uploadLimiter);
|
||||
// Rate-limit only cat uploads (POST), not reads
|
||||
app.use('/api/cats', (req, _res, next) => {
|
||||
if (req.method !== 'POST') return next();
|
||||
return uploadLimiter(req, _res, next);
|
||||
});
|
||||
|
||||
app.use('/uploads', express.static(path.join(__dirname, '..', 'uploads')));
|
||||
|
||||
|
||||
Reference in New Issue
Block a user