Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
rhizome
on Dec 7, 2021
|
parent
|
context
|
favorite
| on:
Issues with Cloudflare Images
Yeah, I've come across sites that allow arbitrary resizing via dimension numbers in the URL. Seems like it would be easy to CPU ddos by submitting random numbers in those fields.
magicalhippo
on Dec 7, 2021
|
next
[–]
And it's fairly easy to "snap" to the nearest available size variant. That way one can add cached variants after-the-fact.
Aeolun
on Dec 8, 2021
|
prev
[–]
You could do the same by requesting any dynamic page many times.
Adding a rate limit to image resizing is no harder than adding it to any other URL.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
