Lukas 667ab674ca Fix SQLite LIKE wildcard escaping in IP filter queries ...

- Add escape_like() helper to escape % and _ wildcards in LIKE queries
- Update fail2ban_db_repo.get_history_page() to use escaping
- Update history_archive_repo.get_archived_history() to use escaping
- Add ESCAPE clause to all LIKE queries
- Add comprehensive unit tests for escape_like function
- Add integration tests for LIKE wildcard handling
- Document LIKE escaping best practices in Backend-Development.md

Fixes TASK-017: Prevent unintended LIKE matches when IP filter contains
special characters like underscore or percent sign.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

2026-04-26 14:07:49 +02:00

..

models

TASK-016: Validate delete_log_path query parameter with allowlist

2026-04-26 14:04:21 +02:00

repositories

Fix SQLite LIKE wildcard escaping in IP filter queries

2026-04-26 14:07:49 +02:00

routers

TASK-016: Validate delete_log_path query parameter with allowlist

2026-04-26 14:04:21 +02:00

services

TASK-011: Remove session token prefix from log output

2026-04-26 13:19:26 +02:00

tasks

Add session cleanup task and update documentation

2026-04-26 12:49:13 +02:00

utils

Fix SQLite LIKE wildcard escaping in IP filter queries

2026-04-26 14:07:49 +02:00

__init__.py

Sync backend/frontend versions to Docker/VERSION and read version from it

2026-03-19 19:13:38 +01:00

config.py

TASK-014: Add log path validation to prevent arbitrary file access

2026-04-26 13:49:04 +02:00

db.py

Add runtime DB schema migration and version tracking

2026-04-12 19:13:36 +02:00

dependencies.py

Implement login endpoint rate limiting (TASK-007)

2026-04-26 12:40:52 +02:00

exceptions.py

Move config file exceptions into app.exceptions

2026-04-15 10:28:27 +02:00

main.py

Implement login endpoint rate limiting (TASK-007)

2026-04-26 12:40:52 +02:00

startup.py

Add session cleanup task and update documentation

2026-04-26 12:49:13 +02:00