document security features

drduh · drduh · commit af0956a4b2bb · 2025-12-14T20:03:07.000-08:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -3,3 +3,11 @@
 This software is in beta and has not yet been subject to formal security audit. It may lack adequate user input validation or other features.
 
 Therefore, gone is only intended for use on a secure network with trusted devices, such as a private LAN.
+
+# Features
+
+- basic authentication (via header or form field)
+- delay "tarpit" applied to requests failing auth
+- robust audit logging with time and event detail
+- files stored, indexed with randomly-selected id
+- global request rate limiting (throttle package)
diff --git a/storage/serve.go b/storage/serve.go
@@ -39,5 +39,8 @@ func (s *Storage) ServeWall(w http.ResponseWriter) {
 	disposition := "attachment; filename=\"wall.txt\""
 	w.Header().Set("Content-Disposition", disposition)
 	w.Header().Set("Content-Type", "text/plain")
-	fmt.Fprintf(w, "%s", s.WallContent)
+	_, err := fmt.Fprintf(w, "%s", s.WallContent)
+	if err != nil {
+	    return
+	}
 }
