flaskpaste/run.py at 713052de3d748822b495e52003c4176fb4acd21f - flaskpaste - Gitea: Git with a cup of tea

ansible/flaskpaste

forked from claw/flaskpaste

Files

Username 8f9868f0d9 flaskpaste: initial commit with security hardening

Features:
- REST API for text/binary pastes with MIME detection
- Client certificate auth via X-SSL-Client-SHA1 header
- SQLite with WAL mode for concurrent access
- Automatic paste expiry with LRU cleanup

Security:
- HSTS, CSP, X-Frame-Options, X-Content-Type-Options
- Cache-Control: no-store for sensitive responses
- X-Request-ID tracing for log correlation
- X-Proxy-Secret validation for defense-in-depth
- Parameterized queries, input validation
- Size limits (3 MiB anon, 50 MiB auth)

Includes /health endpoint, container support, and 70 tests.

2025-12-16 04:42:18 +01:00

9 lines

192 B

Python

Executable File

Raw Blame History

 #!/usr/bin/env python3
 """Development server entry point."""
 from app import create_app
 if __name__ == "__main__":
     app = create_app("development")
     app.run(host="0.0.0.0", port=5000)