From 7f4bd0e1620cf1c5c66ef30f8c44d2d5adc659ee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?William=20Herg=C3=A8s?= <william@herges.fr>
Date: Fri, 2 Jan 2026 19:02:15 +0100
Subject: feat(backend): rate limit dumb attacker bot

---
 backend/storage/stats.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'backend/storage')

diff --git a/backend/storage/stats.go b/backend/storage/stats.go
index 345164e..f40c060 100644
--- a/backend/storage/stats.go
+++ b/backend/storage/stats.go
@@ -57,14 +57,11 @@ const HumanPageLoad = "/assets/styles.css"
 
 func UpdateStats(ctx context.Context, r *http.Request, domain string) error {
 	target := r.URL.Path
-	if !strings.HasPrefix(target, "/") {
-		target = "/" + target
-	}
 	if strings.HasPrefix(target, "/admin") {
 		return nil
 	}
 	ref := r.Header.Get("Referer")
-	if ref == "" {
+	if len(ref) == 0 {
 		return nil
 	}
 	refUrl, err := url.Parse(ref)
@@ -72,6 +69,9 @@ func UpdateStats(ctx context.Context, r *http.Request, domain string) error {
 		return nil
 	}
 	ref = refUrl.Host
+	if len(ref) == 0 {
+		return nil
+	}
 	if ref == domain || ref == fmt.Sprintf("localhost:%d", 8000) {
 		ref = refUrl.Path
 		if !strings.HasPrefix(ref, "/") {
-- 
cgit v1.2.3