fix: security hardening for middleware, crypto, and backup handlers

- Remove CORS origin reflection (SEC-C1 CRITICAL)
- Add Content-Security-Policy header (SEC-H2)
- Fix rate limiter memory leak with periodic stale IP cleanup (SEC-H5)
- Enforce minimum 32-char ENCRYPTION_KEY (SEC-H4)
- Validate backup type against allowlist (SEC-M6)
- Fix backup download path traversal with path containment check (SEC-C2 CRITICAL)
2026-04-04 12:40:37 +03:00
parent c6693a2ef5
commit ff59d9f799
4 changed files with 69 additions and 17 deletions
+8
@@ -40,6 +40,14 @@ func (e *Engine) BackupDir() string {
// CreateBackup creates a new database backup using VACUUM INTO.
// Returns the backup metadata record.
func (e *Engine) CreateBackup(backupType string) (store.Backup, error) {
// Validate backup type to prevent path traversal via filename.
switch backupType {
case "manual", "auto", "pre-restore":
// valid
default:
return store.Backup{}, fmt.Errorf("invalid backup type: %q", backupType)
}
e.mu.Lock()
defer e.mu.Unlock()