sneak/upaas
1
0
Fork 0
Code Issues 21 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
d27adc040d
upaas/internal/handlers
History
user d27adc040d Add server-side app name validation (closes #37) 
Validate app names in both HandleAppCreate and HandleAppUpdate using
a regex pattern matching the client-side HTML pattern: lowercase
alphanumeric and hyphens, 2-63 chars, must start and end with
alphanumeric character.

This prevents Docker API errors, path traversal, and log injection
from crafted POST requests bypassing browser validation.
2026-02-15 22:06:08 -08:00
..
app_name_validation_test.go Add server-side app name validation (closes #37) 2026-02-15 22:06:08 -08:00
app_name_validation.go Add server-side app name validation (closes #37) 2026-02-15 22:06:08 -08:00
app.go Add server-side app name validation (closes #37) 2026-02-15 22:06:08 -08:00
auth.go Add CSRF protection to state-changing POST endpoints 2026-02-15 14:17:55 -08:00
dashboard.go Add CSRF protection to state-changing POST endpoints 2026-02-15 14:17:55 -08:00
handlers_test.go fix: resolve all golangci-lint issues 2026-02-15 21:55:24 -08:00
handlers.go fix: resolve all golangci-lint issues 2026-02-15 21:55:24 -08:00
healthcheck.go Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
port_validation_test.go fix: resolve all golangci-lint issues 2026-02-15 21:55:24 -08:00
setup.go Add CSRF protection to state-changing POST endpoints 2026-02-15 14:17:55 -08:00
tail_validation_test.go fix: validate and clamp container log tail parameter (closes #24) 2026-02-15 21:50:00 -08:00
webhook.go fix: limit webhook request body size to 1MB to prevent DoS (closes #1) 2026-02-08 12:02:06 -08:00