security: fix hardcoded aes key, rate limiter shutdown, stale cache errors, body limit, session cookies

This commit is contained in:
2026-04-20 01:48:53 +02:00
parent bbf208b4bf
commit dccd9d8f59
7 changed files with 43 additions and 16 deletions

View File

@@ -5,6 +5,7 @@ import (
"encoding/json"
"errors"
"fmt"
"log"
"net"
"net/http"
"strconv"
@@ -241,9 +242,14 @@ func (c *Client) getWithCache(ctx context.Context, cacheKey string, ttl time.Dur
if err := c.fetchWithRetry(ctx, url, out); err != nil {
if hasStale {
staleBytes, _ := json.Marshal(stale)
json.Unmarshal(staleBytes, out)
return nil
staleBytes, marshalErr := json.Marshal(stale)
if marshalErr == nil {
unmarshalErr := json.Unmarshal(staleBytes, out)
if unmarshalErr == nil {
return nil
}
}
log.Printf("jikan: stale cache unmarshal failed, falling back to error: %v", err)
}
return err
}