rene/banyaro
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Security Nice-to-Have: Dockerfile, Magic-Bytes, Path-Traversal, TABLE_MAP, Deps

Browse source 
- Dockerfile: non-root user appuser, chown /data + /app
- media_utils: validate_upload() Magic-Byte-Check (JPEG/PNG/GIF/WebP/MP4/WebM)
- media_utils: safe_media_path() Path-Traversal-Schutz beim Löschen
- diary/health/dogs: safe_media_path() statt os.path.join + lstrip
- diary: validate_upload() vor jedem Medien-Upload
- forum: _LIKE_TABLE dict statt dynamischer String-Interpolation
- requirements: uvicorn 0.34, PyJWT 2.10.1, pydantic 2.10.6, bcrypt 4.3, httpx 0.28.1, anthropic 0.49
- SW by-v319, APP_VER 307
This commit is contained in:
rene 2026-04-23 18:42:05 +02:00
parent 15f854d96c
commit 71e588a240
9 changed files with 100 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

2
backend/static/js/app.js
View file

@ -3,7 +3,7 @@
Router, State-Management, Navigation, Initialisierung.
============================================================ */
const APP_VER = '306'; // ← bei jedem Deploy mit Frontend-Änderungen erhöhen
const APP_VER = '307'; // ← bei jedem Deploy mit Frontend-Änderungen erhöhen
const App = (() => {