Dinawo/CDN-APP-INSIDER - CDN-APP-INSIDER - Gitea: dinawoSR Inc

Dinawo/CDN-APP-INSIDER

Author	SHA1	Message	Date
dinawo	a8af857cd3	security: fix vulnerabilities and harden code (2026-03-12) Some checks failed continuous-integration/drone/push Build is passing Details continuous-integration/drone/pr Build is failing Details Path traversal fixes: - DeleteFile.js: use path.resolve() + symlink protection (CRITICAL) - DeleteFileFolder.js: add path.resolve() validation + symlink check (CRITICAL) - RenameFile.js: use path.resolve() with proper prefix check + symlink guard (HIGH) - attachments.js: add baseDir validation + skip symlinks in recursive search (MEDIUM) XSS fixes: - dashboard.js: escape user input in onerror/onclick inline attributes (HIGH) - paramadminsettingsetup.script.js: escape values in innerHTML template (MEDIUM) Input validation: - inputValidationMiddleware.js: block suspicious requests instead of logging only (MEDIUM) Version bump: 1.2.2-beta → 1.2.3-beta	2026-03-12 20:18:28 +01:00
Dinawo	aaff0ed4ea	Urgent correction of version v1.0.0-beta.14 due to crash issues when acting on the CDN. All checks were successful continuous-integration/drone/push Build is passing Details We would like to apologize for the inconvenience caused and we would like to thank you for the quick report.	2024-07-12 18:07:19 +02:00
Dinawo	ce8f1bbbac	Update v1.0.0-beta.13 All checks were successful continuous-integration/drone/push Build is passing Details Several modifications made to the API and several bug fixes	2024-06-02 18:13:28 +02:00
Dinawo	d76a781680	Update v1.0.0-beta.12, addition of external APIs and optimization Some checks failed continuous-integration/drone/push Build was killed Details continuous-integration/drone Build was killed Details	2024-05-28 20:20:52 +02:00
Dinawo	4e2e085a63	Update routes and file paths, fix authentication and security issues All checks were successful continuous-integration/drone/push Build is passing Details	2024-04-13 22:17:54 +02:00