- Core library with SVG and PNG generation
- CLI tool with generate and batch commands
- Cross-platform path handling for Windows compatibility
- Comprehensive test suite with integration tests
23 lines
1.3 KiB
Go
```go
package constants

// Default security limits for DoS protection.
// These constants define safe default values for user inputs to prevent
// denial of service attacks through resource exhaustion while remaining configurable.

// DefaultMaxIconSize is the default maximum dimension (width or height) for a generated icon.
// A 4096x4096 RGBA image requires ~64MB of memory, which is generous for legitimate
// use while preventing unbounded memory allocation attacks.
// This limit is stricter than the JavaScript reference implementation for enhanced security.
const DefaultMaxIconSize = 4096

// DefaultMaxInputLength is the default maximum number of bytes for the input string to be hashed.
// 1MB is sufficient for any reasonable identifier and prevents hash computation DoS attacks.
// Input strings longer than this are rejected before hashing begins.
const DefaultMaxInputLength = 1 * 1024 * 1024 // 1 MB

// DefaultMaxComplexity is the default maximum geometric complexity score for an identicon.
// This score is calculated as the sum of complexity points for all shapes in an identicon.
// A complexity score of 100 allows for diverse identicons while preventing resource exhaustion.
// This value may be adjusted based on empirical analysis of typical identicon complexity.
const DefaultMaxComplexity = 100
```
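One way the size and input-length limits above could be enforced before any hashing or pixel-buffer allocation takes place. This is an added example, not code from the project: `Limits`, `CheckRequest`, `orDefault` and the two error values are hypothetical names, and the complexity limit is left out because the page does not show how the score is computed.

```go
package main

import (
	"errors"
	"fmt"
)

// Values copied from the constants file shown above.
const (
	DefaultMaxIconSize    = 4096
	DefaultMaxInputLength = 1 * 1024 * 1024
)

// Limits is a hypothetical config type (an assumption, not the project's API).
// A zero or negative field falls back to the default, so a bad value cannot disable a limit.
type Limits struct{ MaxIconSize, MaxInputLength int }

var ErrInputTooLong = errors.New("input exceeds maximum length")
var ErrIconSize = errors.New("icon size out of range")

func orDefault(v, def int) int {
	if v <= 0 {
		return def
	}
	return v
}

// CheckRequest runs the cheap bounds checks before any hashing or allocation
// and returns the size in bytes of the RGBA buffer the request would need.
func CheckRequest(input string, size int, l Limits) (int64, error) {
	maxLen := orDefault(l.MaxInputLength, DefaultMaxInputLength)
	maxSize := orDefault(l.MaxIconSize, DefaultMaxIconSize)
	if len(input) > maxLen {
		return 0, fmt.Errorf("%w: %d > %d bytes", ErrInputTooLong, len(input), maxLen)
	}
	if size < 1 || size > maxSize {
		return 0, fmt.Errorf("%w: %d not in [1, %d]", ErrIconSize, size, maxSize)
	}
	// Widen before multiplying so the product cannot overflow a 32-bit int.
	return int64(size) * int64(size) * 4, nil
}

func main() {
	for _, size := range []int{64, 4096, 4097, -1} { // constructed sample requests
		n, err := CheckRequest("alice@example.com", size, Limits{})
		fmt.Printf("size=%d bytes=%d err=%v\n", size, n, err)
	}
}
```

At the default limit the returned estimate is 67,108,864 bytes, which matches the ~64MB figure in the `DefaultMaxIconSize` comment.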