josh/SixFlagsSuperCalendar
1
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

security: add headers, fetch timeouts, Retry-After cap, env validation
All checks were successful
Build and Deploy / Build & Push (push) Successful in 3m50s
Details

Browse Source 
- next.config.ts: CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy
- sixflags.ts: cap Retry-After at 5 min; add 15s AbortSignal.timeout()
- queuetimes.ts: add 10s AbortSignal.timeout()
- rcdb.ts: add 15s AbortSignal.timeout()
- lib/env.ts: parseStalenessHours() guards against NaN from invalid env vars
- db.ts + park-meta.ts: use parseStalenessHours() for staleness window config

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Josh Wright
2026-04-04 17:13:01 -04:00
parent e1b0e5e44d
commit 6bb35d468f
7 changed files with 46 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/scrapers/queuetimes.ts
View File

@@ -77,6 +77,7 @@ export async function fetchLiveRides(
const res = await fetch(url, {
headers: HEADERS,
next: { revalidate },
signal: AbortSignal.timeout(10_000),
} as RequestInit & { next: { revalidate: number } });
if (!res.ok) return null;

2
lib/scrapers/rcdb.ts
View File

@@ -28,7 +28,7 @@ const HEADERS = {
export async function scrapeRcdbCoasters(rcdbId: number): Promise<string[] | null> {
const url = `${BASE}/${rcdbId}.htm`;
try {
const res = await fetch(url, { headers: HEADERS });
const res = await fetch(url, { headers: HEADERS, signal: AbortSignal.timeout(15_000) });
if (!res.ok) {
console.error(` RCDB ${rcdbId}: HTTP ${res.status}`);
return null;

4
lib/scrapers/sixflags.ts
View File

@@ -107,12 +107,12 @@ async function fetchApi(
): Promise<ApiResponse> {
const fetchOpts: RequestInit & { next?: { revalidate: number } } = { headers: HEADERS };
if (revalidate !== undefined) fetchOpts.next = { revalidate };
const res = await fetch(url, fetchOpts);
const res = await fetch(url, { ...fetchOpts, signal: AbortSignal.timeout(15_000) });
if (res.status === 429 || res.status === 503) {
const retryAfter = res.headers.get("Retry-After");
const waitMs = retryAfter
? parseInt(retryAfter) * 1000
? Math.min(parseInt(retryAfter, 10) * 1000, 5 * 60 * 1000) // cap at 5 min
: BASE_BACKOFF_MS * Math.pow(2, attempt);
console.log(
` [rate-limited] HTTP ${res.status} — waiting ${waitMs / 1000}s (attempt ${attempt + 1}/${MAX_RETRIES})`