P2: RATE_LIMIT_PER_MINUTE env var NaN on invalid input — rate limiting silently disabled #13

Closed
opened 2026-05-13 20:40:03 -05:00 by null · 0 comments
Owner

Severity: P2 — Medium

File: server/index.js ~line 38

Problem: parseInt(process.env.RATE_LIMIT_PER_MINUTE || 5, 10) returns NaN if env var is non-numeric (e.g., abc). Rate limiting silently disabled.

Impact: Rate limiting disabled without warning.

Fix: Add NaN check and fallback to default value with warning log.

## Severity: P2 — Medium **File:** server/index.js ~line 38 **Problem:** parseInt(process.env.RATE_LIMIT_PER_MINUTE || 5, 10) returns NaN if env var is non-numeric (e.g., abc). Rate limiting silently disabled. **Impact:** Rate limiting disabled without warning. **Fix:** Add NaN check and fallback to default value with warning log.
null added the
P2 Medium
bug
security
backend
labels 2026-05-17 14:25:55 -05:00
null closed this issue 2026-05-17 15:48:50 -05:00
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: null/Queue-North-Website#13
No description provided.