939717fa57
## 核心优化 - 移除详情页自动调用博查API的逻辑,改为按需加载 - 添加基于IP的频率限制(每小时3次) - 实现验证码防护机制(超过阈值后要求验证) - 新增频率限制工具类 utils/rate_limiter.py ## 成本控制 - API调用减少约90%+(只在用户点击时调用) - 防止恶意滥用和攻击 - 可配置的频率限制和验证码策略 ## 文档整合 - 创建 docs/ 目录结构 - 归档历史版本文档到 docs/archive/ - 移动部署文档到 docs/deployment/ - 添加文档索引 docs/README.md ## 技术变更 - 新增依赖: Flask-Limiter==3.5.0 - 修改: app.py (移除自动调用,新增API端点) - 修改: templates/detail_new.html (按需加载UI) - 新增: utils/rate_limiter.py (频率限制和验证码) - 新增: docs/archive/DEVELOP_v2.6.0_API_SECURITY.md ## 部署说明 1. pip install Flask-Limiter==3.5.0 2. 重启应用 3. 无需数据库迁移 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
50 lines
1.4 KiB
JSON
50 lines
1.4 KiB
JSON
{
|
|
"permissions": {
|
|
"allow": [
|
|
"Bash(if [ -d \".git\" ])",
|
|
"Bash(then echo \"Git repository exists\")",
|
|
"Bash(else echo \"No git repository\")",
|
|
"Bash(fi)",
|
|
"Bash(python:*)",
|
|
"Bash(python3:*)",
|
|
"Bash(py test_db.py:*)",
|
|
"Bash(where:*)",
|
|
"Bash(/c/Users/linha/AppData/Local/Microsoft/WindowsApps/python test_db.py)",
|
|
"Bash(pip install:*)",
|
|
"Bash(pip uninstall:*)",
|
|
"Bash(tasklist:*)",
|
|
"Bash(findstr:*)",
|
|
"Bash(dir:*)",
|
|
"Bash(git init:*)",
|
|
"Bash(git add:*)",
|
|
"Bash(git commit:*)",
|
|
"Bash(curl:*)",
|
|
"WebFetch(domain:zjpb.net)",
|
|
"Bash(del import_bookmarks.py test_bookmark_parse.py test_simple_parse.py result.txt)",
|
|
"Bash(git tag:*)",
|
|
"Bash(if [ -f .env ])",
|
|
"Bash(then echo \"exists\")",
|
|
"Bash(else echo \"not exists\")",
|
|
"Bash(timeout /t 3 /nobreak)",
|
|
"Bash(ping:*)",
|
|
"Bash(git diff-tree:*)",
|
|
"Bash(git format-patch:*)",
|
|
"WebFetch(domain:bocha-ai.feishu.cn)",
|
|
"Bash(ls:*)",
|
|
"Bash(git pull:*)",
|
|
"Bash(del nul)",
|
|
"Bash(git checkout:*)",
|
|
"Bash(git push:*)",
|
|
"Bash(netstat:*)",
|
|
"Bash(git config:*)",
|
|
"Bash(taskkill:*)",
|
|
"Bash(cmd /c:*)",
|
|
"Bash(powershell:*)",
|
|
"Bash(ssh:*)",
|
|
"Bash(start:*)",
|
|
"Bash(git status --porcelain=v1)",
|
|
"Bash(timeout 3 cmd:*)"
|
|
]
|
|
}
|
|
}
|