sneak/upaas
1
0
Fork 0
Code Issues 14 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
0bb59bf9c2
upaas/internal
History
user 0bb59bf9c2 feat: sanitize container log output beyond Content-Type 
Add SanitizeLogs() that strips ANSI escape sequences and non-printable
control characters (preserving newlines, carriage returns, and tabs)
from all container and deployment log output paths:

- HandleAppLogs (text/plain response)
- HandleDeploymentLogsAPI (JSON response)
- HandleContainerLogsAPI (JSON response)

Container log output is attacker-controlled data. Content-Type alone
is insufficient — the data itself must be sanitized before serving.

Includes comprehensive test coverage for the sanitization function.
2026-02-20 02:54:16 -08:00
..
config fix: resolve all lint issues on main branch 2026-02-20 02:39:18 -08:00
database fix: remove undeployed api_tokens migrations (006 + 007) 2026-02-16 00:34:02 -08:00
docker fix: resolve all lint issues on main branch 2026-02-20 02:39:18 -08:00
globals Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
handlers feat: sanitize container log output beyond Content-Type 2026-02-20 02:54:16 -08:00
healthcheck Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
logger Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
middleware fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
models Revert "Merge pull request 'feat: add Gitea Actions CI for make check (closes #96)' (#98) from feat/ci-make-check into main" 2026-02-19 20:36:22 -08:00
server fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
service fix: resolve all lint issues on main branch 2026-02-20 02:39:18 -08:00
ssh fix: resolve all lint issues on main branch 2026-02-20 02:39:18 -08:00