gauravdiamond opened a new issue, #35921: URL: https://github.com/apache/superset/issues/35921
### Bug description

We are using Apache Superset, where multiple APIs are integrated within our application. However, the Superset APIs do not use a nonce or any parameter that can prevent replay attacks. We attempted to mitigate this by implementing a rate-limiting mechanism, but due to Superset’s low network latency and high request-response speed, the NGINX-level configuration is not effectively working. Could you please suggest a suitable solution to prevent replay attacks in this scenario?

### Screenshots/recordings

_No response_

### Superset version

master / latest-dev

### Python version

3.9

### Node version

16

### Browser

Chrome

### Additional context

_No response_

### Checklist

- [ ] I have searched Superset docs and Slack and didn't find a solution to my problem.
- [ ] I have searched the GitHub issue tracker and didn't find a similar bug report.
- [ ] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.
