Increased API token entropy from 128 bits to 256 bits (16 → 32 random bytes). Token format is now upaas_ + 64 hex chars. All tests pass.
Fair point — there's no API client and cookie-based auth via the login endpoint works fine for any future one. I included it because I was treating the 1.0 issues list broadly, but this is…
You're right — container log output is attacker-controlled data and shouldn't be marked as trusted. I'll fix this.
There are two places where container/deployment logs hit output:
1.…
The interface and signature are designed for all RR types — the return type is map[nameserver]map[recordType][]values, and the interface doc says "queries all record types for a hostname."…
The break here means only the first NS name's IPs are resolved. If there are 3 authoritative NS names and the first resolves but returns only 1 IP, the other NS IPs are never discovered. Remove the break to resolve all NS names (or at least collect a reasonable number of IPs).
Sending recursive queries (RecursionDesired = true) to root servers won't work — root servers don't offer recursion. This fallback only works in DNS-intercepting environments. Consider falling back to a known public recursive resolver (1.1.1.1, 8.8.8.8) or the system resolver instead.
glueIPs only collects IPv4 addresses (filters on addr.To4() != nil). IPv6 glue records are silently discarded. Some TLDs have IPv6-only nameservers. Should include both address families.
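The effect of the IPv4-only filter described in the comment above, as an added Go example that is not code from the pull request under review. The `glueRecord` type, the `collectGlue` and `unreachable` helpers and the sample records are hypothetical; only the `addr.To4() != nil` check comes from the comment.

```go
package main

import (
	"fmt"
	"net"
)

// glueRecord: hypothetical stand-in for one A/AAAA glue record (real type not shown on the page).
type glueRecord struct {
	NS   string
	Addr net.IP
}

// collectGlue groups glue addresses by nameserver. With v4Only set it applies
// the filter quoted in the review (To4() != nil), which drops AAAA glue silently.
func collectGlue(recs []glueRecord, v4Only bool) map[string][]net.IP {
	out := make(map[string][]net.IP)
	for _, r := range recs {
		// To16() is nil only for a malformed address (wrong byte length).
		if r.Addr.To16() == nil || (v4Only && r.Addr.To4() == nil) {
			continue
		}
		out[r.NS] = append(out[r.NS], r.Addr)
	}
	return out
}

// unreachable lists nameservers left with no usable address after filtering.
func unreachable(recs []glueRecord, glue map[string][]net.IP) []string {
	var missing []string
	seen := make(map[string]bool)
	for _, r := range recs {
		if !seen[r.NS] && len(glue[r.NS]) == 0 {
			missing = append(missing, r.NS)
		}
		seen[r.NS] = true
	}
	return missing
}

var sampleGlue = []glueRecord{ // constructed data, documentation address ranges
	{"ns1.example.", net.ParseIP("192.0.2.53")},
	{"ns1.example.", net.ParseIP("2001:db8::53")},
	{"ns2.example.", net.ParseIP("2001:db8:1::53")}, // IPv6-only nameserver
}

func main() {
	fmt.Println("IPv4-only filter, no address for:", unreachable(sampleGlue, collectGlue(sampleGlue, true)))
	fmt.Println("both families, no address for:  ", unreachable(sampleGlue, collectGlue(sampleGlue, false)))
}
```

Reporting the nameservers that end up with no address makes the loss visible instead of silent.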
parentDomain() uses a naive 2-label split (minDomainLabels = 2) instead of the Public Suffix List. This breaks for ccTLD domains like example.co.uk → returns co.uk. instead of example.co.uk.. The README explicitly specifies PSL-based classification. Use golang.org/x/net/publicsuffix here.
ErrNotImplemented is now dead code — no method returns it after this PR. Remove it to avoid confusion.
Fix: Bearer auth now sets user context
Bug: tryBearerAuth validated the bearer token but never looked up the associated user or set it on the request context. Downstream handlers calling…