From fe01a51a51364890cca5b2661706fadb710f3136 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Mon, 9 Oct 2017 14:43:15 -0400
Subject: [PATCH] remove additional queries since they can be abused

---
 src/Icons/Controllers/IconsController.cs | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/src/Icons/Controllers/IconsController.cs b/src/Icons/Controllers/IconsController.cs
index 7631c97b0..b4d695c29 100644
--- a/src/Icons/Controllers/IconsController.cs
+++ b/src/Icons/Controllers/IconsController.cs
@@ -28,10 +28,7 @@ namespace Bit.Icons.Controllers
         }
 
         [HttpGet("")]
-        public async Task<IActionResult> Get(
-            [FromQuery]string domain,
-            [FromQuery]string size = "16..24..200",
-            [FromQuery]string formats = null)
+        public async Task<IActionResult> Get([FromQuery]string domain)
         {
             if(string.IsNullOrWhiteSpace(domain))
             {
@@ -49,12 +46,12 @@ namespace Bit.Icons.Controllers
             }
 
             var mappedDomain = _domainMappingService.MapDomain(uri.Host);
-            var cacheKey = $"{mappedDomain}_{size}_{formats}";
+            var cacheKey = $"{mappedDomain}";
             var icon = await _memoryCache.GetOrCreateAsync(cacheKey, async entry =>
             {
                 entry.AbsoluteExpiration = DateTime.UtcNow.AddHours(_iconsSettings.CacheHours);
 
-                var iconUrl = $"{_iconsSettings.BestIconBaseUrl}/icon?url={mappedDomain}&size={size}&formats={formats}";
+                var iconUrl = $"{_iconsSettings.BestIconBaseUrl}/icon?url={mappedDomain}&size=16..24..32";
                 var response = await _httpClient.GetAsync(iconUrl);
                 if(!response.IsSuccessStatusCode)
                 {