Merge pull request github#13940 from erik-krogh/rate-default

erik-krogh · web-flow · commit 3e2c6d69f936 · 2023-08-10T19:25:33.000+02:00
JS: change the defaults in the qhelp for missing-rate-limit to something more reasonable
diff --git a/javascript/ql/src/Security/CWE-770/examples/MissingRateLimitingGood.js b/javascript/ql/src/Security/CWE-770/examples/MissingRateLimitingGood.js
@@ -4,8 +4,8 @@ var app = express();
 // set up rate limiter: maximum of five requests per minute
 var RateLimit = require('express-rate-limit');
 var limiter = RateLimit({
-  windowMs: 1*60*1000, // 1 minute
-  max: 5
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 100, // max 100 requests per windowMs
 });
 
 // apply rate limiter to all requests
