103d454e14
Without this guard any client could send X-Forwarded-For: <spoofed-ip> and bypass per-IP rate limiting entirely. Also switches expireAfterWrite → expireAfterAccess so the 1-minute window starts at first request, not last, and fixes the .gitignore entry that accidentally merged **/test-results/ and .worktrees/ into one broken pattern. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>