Harden backend against critical and high security vulnerabilities
All checks were successful
Deploy with Docker Compose / deploy (push) Successful in 3m51s
All checks were successful
Deploy with Docker Compose / deploy (push) Successful in 3m51s
- Fix WebSocket CheckOrigin to use proper url.Parse instead of string stripping - Add admin auth checks to Users/User GraphQL queries - Remove GraphQL GET transport to prevent CSRF via cross-site links - Add application-level IP-based login rate limiting (5 attempts/min) - Add path traversal bounds check on radio file upload - Require DEV_MODE for GraphQL introspection and playground - Move notes backend endpoint behind admin middleware - Add dedicated Nginx rate limit zone for GraphQL (10r/s) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -37,6 +37,13 @@ func (store *Store) UploadRadioSong(ctx *gin.Context) {
|
||||
filename := filepath.Base(file.Filename)
|
||||
dest := filepath.Join(fallbackMusicDir, filename)
|
||||
|
||||
// Verify the resolved path stays within the music directory
|
||||
absDest, err := filepath.Abs(dest)
|
||||
if err != nil || !strings.HasPrefix(absDest, fallbackMusicDir+string(os.PathSeparator)) {
|
||||
ctx.JSON(http.StatusBadRequest, gin.H{"error": "invalid filename"})
|
||||
return
|
||||
}
|
||||
|
||||
if _, err := os.Stat(dest); err == nil {
|
||||
ctx.JSON(http.StatusConflict, gin.H{"error": "file already exists"})
|
||||
return
|
||||
|
||||
Reference in New Issue
Block a user