sneak/upaas
1
0
Fork 0
Code Issues 14 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
19d0b015ae
upaas/internal
History
user 19d0b015ae feat: sanitize container log output beyond Content-Type 
Add SanitizeLogs() that strips ANSI escape sequences and non-printable
control characters (preserving newlines, carriage returns, and tabs)
from all container and deployment log output paths:

- HandleAppLogs (text/plain response)
- HandleDeploymentLogsAPI (JSON response)
- HandleContainerLogsAPI (JSON response)

Container log output is attacker-controlled data. Content-Type alone
is insufficient — the data itself must be sanitized before serving.

Includes comprehensive test coverage for the sanitization function.
2026-02-19 20:36:13 -08:00
..
config chore: code cleanup and best practices (closes #45) 2026-02-19 20:27:07 -08:00
database fix: remove undeployed api_tokens migrations (006 + 007) 2026-02-16 00:34:02 -08:00
docker fix: sanitize container log output and fix lint issues 2026-02-19 20:30:11 -08:00
globals Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
handlers feat: sanitize container log output beyond Content-Type 2026-02-19 20:36:13 -08:00
healthcheck Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
logger Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
middleware fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
models fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
server fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
service fix: sanitize container log output and fix lint issues 2026-02-19 20:30:11 -08:00
ssh chore: code cleanup and best practices (closes #45) 2026-02-19 20:27:07 -08:00