security: rate limit on requests (dos precaution)

[cch5ng]

also rate limit on total requests per time interval

[cch5ng]

resource

• http://info.meteor.com/blog/rate-limiting-in-meteor-core
  • dep on user acct and login status; but guess this makes sense b/c if someone makes excessive requests, my application could get banned from the rss sorce
  • also requires rewriting the startup functions as meteor methods (this would be necessary anyhow for implementing a manual refresh button)

[cch5ng]

also look into this:

• http://blog.mailgun.com/security-guide-basic-infrastructure-security/

[cch5ng]

• apply rate limit
• apply security (only logged in users)
• make the refresh a manual event
  • get a refresh icon and put it to the right of the existing control buttons
• get rid of the setInterval
• on manual refresh, update the array of feed titles to read

work on bug fixes locally (branch dev)

• then after tested, load the batch of fixed code (with all dependencies) to the deployed site

[cch5ng]

test for refresh button

• a bit time consuming but need to load the page and then wait for 30 min - hr, until the news source has been updated
• then click refresh button and verify that the feed content has changed from the initial content