sneak/pixa
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Update TODO.md with completed core features

Browse Source
This commit is contained in:
Jeffrey Paul
2026-01-08 03:02:24 -08:00
parent cc2c40bfbf
commit 9ff44b7e65
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
TODO.md
View File

@@ -17,13 +17,13 @@ A single linear checklist of tasks to implement the complete pixa caching image
- [x] Verify basic server starts and healthcheck works
## Core Image Proxy Features
- [ ] Implement URL parsing for `/v1/image/<host>/<path>/<size>.<format>`
- [ ] Implement upstream HTTP client with TLS verification
- [ ] Implement SSRF protection (block private/internal IPs)
- [ ] Implement source host whitelist checking
- [ ] Implement HMAC-SHA256 signature generation
- [ ] Implement HMAC-SHA256 signature verification
- [ ] Implement signature expiration checking
- [x] Implement URL parsing for `/v1/image/<host>/<path>/<size>.<format>`
- [x] Implement upstream HTTP client with TLS verification
- [x] Implement SSRF protection (block private/internal IPs)
- [x] Implement source host whitelist checking
- [x] Implement HMAC-SHA256 signature generation
- [x] Implement HMAC-SHA256 signature verification
- [x] Implement signature expiration checking
- [ ] Implement upstream fetch with timeout and size limits
- [ ] Implement Content-Type validation (whitelist MIME types)
- [ ] Implement magic byte verification