lukas.pupkalipinski/BanGUI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
508 Commits 3 Branches 17 Tags
bc4ba703f0694f7268ef17d579ab446b07dd0c5d
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Lukas bc4ba703f0 Fix #34: Replace setup redirect allowlist prefix matching with explicit allowlist 
- Replace fragile startswith() matching with explicit path matching
- Split allowlist into _EXACT_ALLOWED (exact paths) and _PREFIX_ALLOWED (prefixes)
- Prefix paths MUST end with '/' to prevent matching unintended paths like /api/setup-debug
- Paths correctly matched: /api/setup, /api/health, /api/docs, /api/redoc, /api/openapi.json, /api/setup/timezone
- Paths correctly blocked: /api/setup-debug, /api/setup123, /api/jails
- Add comprehensive Setup Guard Route Policy documentation to Backend-Development.md
- Update line numbers in documentation to reflect current implementation

This prevents future route additions from accidentally bypassing the setup guard.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-29 19:45:42 +02:00
.github/agents
chore: add GitHub Copilot agent, fix ESLint config, update task list
2026-03-13 13:48:20 +01:00
backend
Fix #34: Replace setup redirect allowlist prefix matching with explicit allowlist
2026-04-29 19:45:42 +02:00
Docker
fix(security): Remove insecure session secret fallback in compose.debug.yml
2026-04-26 15:12:10 +02:00
Docs
Fix #34: Replace setup redirect allowlist prefix matching with explicit allowlist
2026-04-29 19:45:42 +02:00
fail2ban-master
Switch dashboard/map/history views to archive source for long-term data
2026-04-05 20:21:54 +02:00
frontend
## 27) Error response body shape is inconsistent
2026-04-28 22:28:02 +02:00
.containerignore
chore: add Docker config files and fix fail2ban bind mount path
2026-03-03 20:38:32 +01:00
.dockerignore
chore: add Docker config files and fix fail2ban bind mount path
2026-03-03 20:38:32 +01:00
.env.example
TASK-030: Secure IP geolocation with MMDB-primary resolver
2026-04-26 15:31:39 +02:00
.gitignore
Fix BUG-001: resolve banaction interpolation error in fail2ban jails
2026-03-15 11:39:20 +01:00
Makefile
Add ban management features and update documentation
2026-03-06 20:33:42 +01:00
node:fs
Refactor frontend components and dependencies
2026-04-22 20:26:43 +02:00
path
Refactor frontend components and dependencies
2026-04-22 20:26:43 +02:00
pyproject.toml
chore: add root pyproject.toml for ruff configuration
2026-03-22 14:24:25 +01:00
pytest.ini
Add repo-root pytest config so async tests run from root
2026-03-17 17:55:54 +01:00
vite
Refactor frontend components and dependencies
2026-04-22 20:26:43 +02:00
Description
No description provided
11 MiB
Languages
Python 61.2%
TypeScript 24.9%
HTML 8.4%
Markdown 2.5%
Roff 0.9%
Other 2%