In my `verify_header` route, I may be making relatively costly DB calls, HTTP calls etc. The middleware still runs for 404 requests, resulting in an indirect Denial of Service attack being possible against the remote resource. It should not run when there are requests that would result in a 404.
In my
verify_headerroute, I may be making relatively costly DB calls, HTTP calls etc.The middleware still runs for 404 requests, resulting in an indirect Denial of Service attack being possible against the remote resource.
It should not run when there are requests that would result in a 404.