alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: address code review findings for DNS management

Browse Source 
- CRITICAL: Change DNS zones endpoint from GET to POST to avoid
  leaking API token in URL query parameters
- HIGH: Add sync.RWMutex to protect dnsProvider field in Server,
  Deployer, and proxy Manager against concurrent read/write races
- HIGH: Capture old DNS provider reference synchronously before
  launching background cleanup goroutine
- HIGH: Use getDNS()/getDNSProviderLocked() accessors instead of
  direct field reads in all DNS operations
This commit is contained in:
Admin
2026-04-02 14:54:15 +03:00
parent c730cfaa45
commit 670948f113
243 changed files with 15971 additions and 535 deletions
Download Patch File Download Diff File Expand all files Collapse all files
web/src/lib/api.ts
+1 -2
View File
@@ -277,8 +277,7 @@ export function testDnsConnection(provider: string, token: string, zoneId: strin
}
export function listDnsZones(token?: string): Promise<DnsZone[]> {
const params = token ? `?token=${encodeURIComponent(token)}` : '';
return get<DnsZone[]>(`/api/settings/dns/zones${params}`);
return post<DnsZone[]>('/api/settings/dns/zones', { token: token ?? '' });
}
export function getDnsRecords(): Promise<DnsRecordView[]> {