|
|
ec6a20ebd1
|
Stabilize auth cookies for proxied split-domain deployments
|
2026-03-02 17:50:16 -03:00 |
|
|
|
700f0d6d79
|
Use version-safe FastAPI CSRF dependency params
|
2026-03-01 21:44:59 -03:00 |
|
|
|
3cccf2e0e8
|
Fix auth route response injection crash
|
2026-03-01 21:43:09 -03:00 |
|
|
|
26eae1a09b
|
Fix auth session persistence with HttpOnly cookies and CSRF
|
2026-03-01 21:39:22 -03:00 |
|
|
|
874597e40b
|
Fix predefined catalog visibility and port security must-know guidance
|
2026-03-01 21:15:12 -03:00 |
|
|
|
4c27fd6483
|
Harden auth login against brute-force and refresh security docs
|
2026-03-01 18:24:26 -03:00 |
|
|
|
1c57084ebf
|
Hardcode CORS credentials disabled and remove env toggle
|
2026-03-01 17:16:13 -03:00 |
|
|
|
bfc89fe5ce
|
Revert "Allow private-network CORS origins in development"
This reverts commit 1b2e0cb8af.
|
2026-03-01 17:12:06 -03:00 |
|
|
|
1b2e0cb8af
|
Allow private-network CORS origins in development
|
2026-03-01 17:08:50 -03:00 |
|
|
|
0242e061c2
|
Harden auth and security controls with session auth and docs
|
2026-03-01 15:29:09 -03:00 |
|
|
|
c5423fc9c3
|
Stabilize API routing, CORS, and settings save behavior
|
2026-03-01 14:27:19 -03:00 |
|
|
|
48cfc79b5f
|
Fix LAN API base and development CORS regression
|
2026-03-01 13:56:25 -03:00 |
|
|
|
bdd97d1c62
|
Harden security controls from REPORT findings
|
2026-03-01 13:32:08 -03:00 |
|
|
|
c3f34b38b4
|
Fix authenticated media flows and upload preflight handling
|
2026-02-21 15:53:02 -03:00 |
|
|
|
1cb6bfee58
|
Harden settings read sanitization for invalid providers
|
2026-02-21 15:15:43 -03:00 |
|
|
|
74a6551237
|
Redact quoted JSON secret tokens in processing logs
|
2026-02-21 13:57:23 -03:00 |
|
|
|
3cbad053cc
|
Harden auth, redaction, upload size checks, and compose token requirements
|
2026-02-21 13:48:55 -03:00 |
|
|
|
4beab4bc09
|
Persist processing-log retention settings and wire cleanup defaults
|
2026-02-21 12:05:48 -03:00 |
|
|
|
5dfc2cbd85
|
Initial commit
|
2026-02-21 09:44:18 -03:00 |
|
