hzhang
58f23ddcb8
Critical: - backup: prevent Zip Slip path traversal and zip bombs in restore/convert via safe_extract(); serialize get_backup() with backup_lock and always restore CWD so concurrent requests can't corrupt the os.chdir state - app: only enable the Werkzeug debugger/reloader when ENVIRONMENT=dev; always init rate limits (also under WSGI), not just under __main__ - apikey: fix create_key never committing (session.commit -> commit()), validate roles against an allowlist, and fix revoke_key/update_last_used operating on detached instances so revocation actually persists - env_provider: redact DB_PASSWORD and SESSION_SECRET_KEY in summerize() High: - markdown: filter private/protected docs for non-admins in the listing, get_home, get_index and search endpoints (was an anonymous data leak); escape LIKE metacharacters and cap search results - webhooks: validate target URL to block SSRF (loopback/private/link-local/ metadata IPs), disable redirects, safely parse additional_header - auth: validate JWT issuer and require exp/iat; add timeout to JWKS fetch; harden Authorization header parsing against malformed values - log: require admin for GET /api/log and auth for POST; bound entry size Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
48 lines
1.3 KiB
Python
48 lines
1.3 KiB
Python
import os
|
|
from dotenv import load_dotenv
|
|
|
|
load_dotenv()
|
|
|
|
def str_to_bool(value):
|
|
return value.lower() in ("yes", "true", "t", "1")
|
|
|
|
|
|
ENVIRONMENT = os.getenv("ENVIRONMENT", "dev")
|
|
DB_HOST = os.getenv("DB_HOST")
|
|
DB_PORT = os.getenv("DB_PORT")
|
|
DB_NAME = os.getenv("DB_NAME")
|
|
DB_USER = os.getenv("DB_USER")
|
|
DB_PASSWORD = os.getenv("DB_PASSWORD")
|
|
DB_SCHEMA_UPDATED = str_to_bool(os.getenv("DB_SCHEMA_UPDATED", 'false'))
|
|
SESSION_SECRET_KEY = os.getenv("SESSION_SECRET_KEY")
|
|
|
|
KC_HOST = os.getenv("KC_HOST")
|
|
KC_REALM = os.getenv("KC_REALM")
|
|
KC_CLIENT_ID = os.getenv("KC_CLIENT_ID")
|
|
|
|
FRONTEND_HOST = os.getenv("FRONTEND_HOST")
|
|
BACKEND_HOST = os.getenv("BACKEND_HOST")
|
|
|
|
def _redact(value):
|
|
if not value:
|
|
return "<unset>"
|
|
return f"<set:{len(str(value))} chars>"
|
|
|
|
|
|
def summerize():
|
|
return {
|
|
"ENVIRONMENT": ENVIRONMENT,
|
|
'DB_HOST': DB_HOST,
|
|
'DB_PORT': DB_PORT,
|
|
'DB_NAME': DB_NAME,
|
|
'DB_USER': DB_USER,
|
|
'DB_PASSWORD': _redact(DB_PASSWORD),
|
|
'DB_SCHEMA_UPDATED': DB_SCHEMA_UPDATED,
|
|
'SESSION_SECRET_KEY': _redact(SESSION_SECRET_KEY),
|
|
'KC_HOST': KC_HOST,
|
|
'KC_REALM': KC_REALM,
|
|
'KC_CLIENT_ID': KC_CLIENT_ID,
|
|
'FRONTEND_HOST': FRONTEND_HOST,
|
|
'BACKEND_HOST': BACKEND_HOST,
|
|
}
|