flaskpaste: initial commit with security hardening
Features:
- REST API for text/binary pastes with MIME detection
- Client certificate auth via X-SSL-Client-SHA1 header
- SQLite with WAL mode for concurrent access
- Automatic paste expiry with LRU cleanup

Security:
- HSTS, CSP, X-Frame-Options, X-Content-Type-Options
- Cache-Control: no-store for sensitive responses
- X-Request-ID tracing for log correlation
- X-Proxy-Secret validation for defense-in-depth
- Parameterized queries, input validation
- Size limits (3 MiB anon, 50 MiB auth)

Includes /health endpoint, container support, and 70 tests.
13
requirements.txt
Normal file
@@ -0,0 +1,13 @@
|
||||
flask>=3.0
|
||||
|
||||
# Security & Rate Limiting
|
||||
flask-limiter>=3.5
|
||||
flask-cors>=4.0
|
||||
|
||||
# Observability
|
||||
prometheus-flask-exporter>=0.23
|
||||
|
||||
# Development/Testing
|
||||
pytest>=8.0
|
||||
pytest-cov>=4.0
|
||||
locust>=2.20
|
||||
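Review bot: the Development/Testing group (pytest, pytest-cov, locust) sits in the same requirements.txt as the runtime dependencies, so anything installed from this file, including a production image, also pulls in the test runner and a load-testing tool. Move those three lines to a separate file such as requirements-dev.txt and keep this one to what the service imports at runtime. Every entry is also a bare lower bound (`flask>=3.0`, `flask-limiter>=3.5`, and so on), so two builds of the same commit can resolve to different versions; for a service whose commit message leads with security hardening, pin exact versions in a lock or constraints file, ideally with hashes checked through pip's --require-hashes mode, and keep the `>=` ranges only as the loose input to that lock.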