feat: Implement security fix plan

supabase/functions/upload-image/index.ts

@@ -1,6 +1,7 @@
 import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
 import { createClient } from 'https://esm.sh/@supabase/supabase-js@2'
 import { edgeLogger, startRequest, endRequest } from '../_shared/logger.ts'
+import { rateLimiters, withRateLimit } from '../_shared/rateLimiter.ts'
 
 // Environment-aware CORS configuration
 const getAllowedOrigin = (requestOrigin: string | null): string | null => {
@@ -69,7 +70,10 @@ const createAuthenticatedSupabaseClient = (authHeader: string) => {
   })
 }
 
-serve(async (req) => {
+// Apply strict rate limiting (5 requests/minute) to prevent abuse
+const uploadRateLimiter = rateLimiters.strict;
+
+serve(withRateLimit(async (req) => {
   const tracking = startRequest();
   const requestOrigin = req.headers.get('origin');
   const allowedOrigin = getAllowedOrigin(requestOrigin);
@@ -643,4 +647,4 @@ serve(async (req) => {
       }
     )
   }
-})
+}, uploadRateLimiter, getCorsHeaders(allowedOrigin)));