PROJEKT.md: Stand 2026-04-23 final, Security + SW by-v319
This commit is contained in:
parent
942924199e
commit
d13a23d817
1 changed files with 8 additions and 1 deletions
|
|
@ -46,10 +46,17 @@ Maps: Leaflet.js + OpenStreetMap (kostenlos, kein Google-Lock)
|
|||
|
||||
---
|
||||
|
||||
## Implementierungsstand (aktuell: 2026-04-23, SW by-v312, APP_VER 300)
|
||||
## Implementierungsstand (aktuell: 2026-04-23, SW by-v319, APP_VER 307)
|
||||
|
||||
### Fertig implementiert ✅
|
||||
|
||||
#### Sicherheit (2026-04-23)
|
||||
- JWT_SECRET Pflicht-Check, Rate-Limits (Login/Register/KI/Giftköder/Wiki)
|
||||
- Honeypot, robots.txt-Härtung, Wasserzeichen in KI-Texten
|
||||
- OG-Tag XSS, File-Upload-Limit, Path-Traversal-Schutz, Magic-Byte-Check
|
||||
- Port 5001 (DSM Admin) aus Internet entfernt, nur noch via WireGuard
|
||||
- Fail2ban auf NPM-Ebene (Scanner/404/Auth)
|
||||
|
||||
#### Desktop Multi-Column Layout (≥1024px)
|
||||
- page-container: 680px → 860px global
|
||||
- Walks: Liste (340px) links + Karte rechts nebeneinander, View-Toggle ausgeblendet
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue