ab7c43b887
All checks were successful
Check / check (pull_request) Successful in 11m21s
Remove POST /apps, DELETE /apps/{id}, and POST /apps/{id}/deploy from
the API v1 route group. These endpoints used cookie-based session auth
without CSRF protection, creating a CSRF vulnerability.
Read-only endpoints (GET /apps, GET /apps/{id}, GET /apps/{id}/deployments),
login, and whoami are retained.
Removed handlers: HandleAPICreateApp, HandleAPIDeleteApp,
HandleAPITriggerDeploy, along with apiCreateRequest struct and
validateCreateRequest function.
Updated tests to use service layer directly for app creation in
remaining read-only endpoint tests.
|
||
|---|---|---|
| .. | ||
| config | ||
| database | ||
| docker | ||
| globals | ||
| handlers | ||
| healthcheck | ||
| logger | ||
| middleware | ||
| models | ||
| server | ||
| service | ||
| ssh | ||