epriestley 9a9fa8bed2 Rate limit attempts to add payment methods in Phortune ... Summary: Ref T13249. See D20132. Although we're probably a poor way to validate a big list of stolen cards in practice in production today (it's very hard to quickly generate a large number of small charges), putting rate limiting on "Add Payment Method" is generally reasonable, can't really hurt anything (no legitimate user will ever hit this limit), and might frustrate attackers in the future if it becomes easier to generate ad-hoc charges (for example, if we run a deal on support pacts and reduce their cost from $1,000 to $1). Test Plan: Reduced limit to 4 / hour, tried to add a card several times, got rate limited. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13249 Differential Revision: https://secure.phabricator.com/D20158		2019-02-13 12:25:56 -08:00
..
PhortuneAddPaymentMethodAction.php	Rate limit attempts to add payment methods in Phortune	2019-02-13 12:25:56 -08:00