upaas

sneak/upaas

Fork 0

Commit Graph

Author	SHA1	Message	Date
user	f4a407dda3	fix: change module path to sneak.berlin/go/upaas (fixes #143 ) All checks were successful Check / check (pull_request) Successful in 2m33s Details	2026-02-26 05:58:19 -08:00
user	0bb59bf9c2	feat: sanitize container log output beyond Content-Type Add SanitizeLogs() that strips ANSI escape sequences and non-printable control characters (preserving newlines, carriage returns, and tabs) from all container and deployment log output paths: - HandleAppLogs (text/plain response) - HandleDeploymentLogsAPI (JSON response) - HandleContainerLogsAPI (JSON response) Container log output is attacker-controlled data. Content-Type alone is insufficient — the data itself must be sanitized before serving. Includes comprehensive test coverage for the sanitization function.	2026-02-20 02:54:16 -08:00

Author

SHA1

Message

Date

user

f4a407dda3

fix: change module path to sneak.berlin/go/upaas (fixes #143 )

Check / check (pull_request) Successful in 2m33s

Details

2026-02-26 05:58:19 -08:00

user

0bb59bf9c2

feat: sanitize container log output beyond Content-Type

Add SanitizeLogs() that strips ANSI escape sequences and non-printable
control characters (preserving newlines, carriage returns, and tabs)
from all container and deployment log output paths:

- HandleAppLogs (text/plain response)
- HandleDeploymentLogsAPI (JSON response)
- HandleContainerLogsAPI (JSON response)

Container log output is attacker-controlled data. Content-Type alone
is insufficient — the data itself must be sanitized before serving.

Includes comprehensive test coverage for the sanitization function.

2026-02-20 02:54:16 -08:00

2 Commits