10 Commits

Author SHA1 Message Date
Alexandre Lion
8f46837900 Fix critical security vulnerabilities (#211)
* Fix critical security vulnerabilities

Address 5 critical findings from security audit:
- Sanitize custom embed HTML to prevent stored XSS (strip all non-iframe content)
- Escape URLs in format_body/1 to prevent reflected XSS via post messages
- Add authorization check to form export endpoint (IDOR fix)
- Replace String.to_atom/1 on user input with explicit whitelists (8 locations)
- Add IP-based rate limiting on authentication endpoints via Hammer

* Start rate limiter before endpoint in supervision tree

* Update CHANGELOG
2026-02-09 19:18:14 +01:00
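The fourth item in the commit message above (replacing String.to_atom/1 on user input with explicit whitelists) is worth seeing concretely. The following is an added example and not code from this project: atoms on the BEAM are never garbage collected, so a request handler that calls String.to_atom/1 on a client-supplied string lets an attacker grow the atom table until the node crashes. The module name, the "status" parameter and its allowed values are assumptions made for the illustration.

```elixir
# Added example, not the project's code. Shows the String.to_atom/1 finding
# from the commit message above as a before/after. The parameter name,
# allowed values and module name are hypothetical.
defmodule ExportParams do
  # Before: every distinct string the client sends becomes a new, permanent
  # atom. The default atom table holds 1,048,576 entries; once it is full the
  # whole VM halts, so this is a remote denial of service on any endpoint
  # that reaches it.
  def status_before(params) do
    String.to_atom(params["status"])
  end

  # After: a closed whitelist. Only these literal atoms can ever be produced,
  # and unknown input is rejected instead of raising or allocating.
  @statuses %{
    "draft" => :draft,
    "published" => :published,
    "archived" => :archived
  }

  def status(params) do
    case Map.fetch(@statuses, params["status"]) do
      {:ok, atom} -> {:ok, atom}
      :error -> {:error, :invalid_status}
    end
  end

  # Demonstrates the damage of the "before" version: converting n distinct
  # strings adds n atoms that are never reclaimed. Run in iex, for example
  # ExportParams.atoms_added_by_before(1000), and compare the result with
  # :erlang.system_info(:atom_count) before and after.
  def atoms_added_by_before(n) when is_integer(n) and n > 0 do
    before = :erlang.system_info(:atom_count)

    for i <- 1..n do
      status_before(%{"status" => "junk_#{System.unique_integer([:positive])}_#{i}"})
    end

    :erlang.system_info(:atom_count) - before
  end
end
```

String.to_existing_atom/1 is sometimes suggested as a drop-in fix. It does stop the table from growing, but it still lets the client select any atom already loaded in the VM (module names, internal tags) and raises ArgumentError on anything else, so an explicit map like the one above remains the better pattern for request parameters.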
Alexandre Lion
5853bc34d8 Add admin panel and user roles (#189) 2025-11-20 10:44:06 +01:00
Alex
08b6a7852d Minor UI fix 2024-08-23 15:33:05 +02:00
Alex
5546fedba1 fix locales with more than 2 parts 2024-08-22 17:52:43 +02:00
Alex
189d0121cf Add locale field to users table and implement language switcher in user settings 2024-04-07 12:25:07 +02:00
Alexandre Lion
3f9be7e852 New features for v2 (#83) 2024-04-06 11:48:47 +02:00
Alex
d52411d761 Fix docs and compile errors 2023-09-09 18:10:11 +02:00
Alex
e4cd8379c1 Fix code smell 2023-09-09 17:56:06 +02:00
Finn Behrens
a6418db196 run mix format 2022-11-17 13:37:34 +01:00
Alex
0b392a6953 🎉 First commit of the open source project! 2022-07-23 01:44:03 +02:00