alexei.dolgolyov/notify-bridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 31 Wiki Activity

feat: security hardening — SSRF guard, template sandbox timeout, webhook log prune, auth & backup polish

Browse Source 
- Add outbound URL validation (SSRF) for webhook/Discord/Slack/ntfy/Matrix dispatch
- Template renderer: input/output caps and thread-based render timeout
- Webhook log filter: strip Authorization/signature/token-like headers; atomic prune
- Auth/JWT/backup/config tightening; misc frontend UX fixes
This commit is contained in:
Admin
2026-04-16 03:21:45 +03:00
parent 734e5c9340
commit f0739ca949
30 changed files with 567 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files
frontend/src/routes/bots/EmailBotTab.svelte
+1 -1
View File
@@ -21,7 +21,7 @@
let editingEmail = $state<number | null>(null);
let emailSubmitting = $state(false);
let emailTesting = $state<Record<number, boolean>>({});
let confirmDeleteEmail = $state<EmailBot | null>(null);
let confirmDeleteEmail = $state<{ id: number; onconfirm: () => Promise<void> } | null>(null);
let error = $state('');
const defaultEmailForm = () => ({