claw/flaskpaste
1
0
Fork 1
forked from username/flaskpaste
Code Pull Requests Activity
216 Commits 1 Branch 0 Tags
main
Commit Graph

11 Commits

Author SHA1 Message Date
Username
2679bc8e69 docs: add url shortener documentation 2026-02-16 20:56:55 +01:00
Username
e0310339ee docs: update for k3s deployment and harbor.mymx.me 2026-01-18 17:07:49 +01:00
Username
9eee14e918 docs: update harbor integration status and remove hardcoded credentials 2026-01-18 09:57:27 +01:00
Username
3059d533bc docs: update documentation after pentest remediation 
- TASKLIST.md: add pentest tasks to completed section
- TODO.md: add observation about pentest completion
- ROADMAP.md: update test count (301), add decision log entry
- PROJECT.md: update test count (301)
- SECURITY.md: remove obsolete limitations, add v1.5.0 changes
 2025-12-24 23:33:15 +01:00
Username
89eee3378a security: implement pentest remediation (PROXY-001, BURN-001, RATE-001) 
PROXY-001: Add startup warning when TRUSTED_PROXY_SECRET empty in production
- validate_security_config() checks for missing proxy secret
- Additional warning when PKI enabled without proxy secret
- Tests for security configuration validation

BURN-001: HEAD requests now trigger burn-after-read deletion
- Prevents attacker from probing paste existence before retrieval
- Updated test to verify new behavior

RATE-001: Add RATE_LIMIT_MAX_ENTRIES to cap memory usage
- Default 10000 unique IPs tracked
- Prunes oldest entries when limit exceeded
- Protects against memory exhaustion DoS

Test count: 284 -> 291 (7 new security tests)
 2025-12-24 21:42:15 +01:00
Username
4577a1d7e4 docs: update for systemd and rate limit headers 2025-12-24 20:05:30 +01:00
Username
37d2ccef0f docs: update for v1.5.0 public registration feature 2025-12-21 12:34:35 +01:00
Username
b47c26dd14 docs: update for v1.4.0 features 
- Add anti-flood, rate limiting, scheduled cleanup to feature lists
- Update version to 1.4.0, test count to 205
- Document /pastes endpoint with query parameters
- Add anti-flood fields to /challenge response
- Update CLI docs with new commands (list, search, export)
- Add decision log entries for recent features
 2025-12-20 21:36:09 +01:00
Username
486bac1d85 docs: update project status for v1.2.0 2025-12-20 17:24:41 +01:00
Username
260d6e894d update project documentation 2025-12-20 17:20:40 +01:00
Username
4cb29fa3d2 add project structure files 2025-12-20 03:31:37 +01:00