Security hardening and performance improvements
- Add visibility check to attachment downloads (prevents unauthorized access)
- Fix ticket ID collision with uniqueness verification loop
- Harden CSP: replace unsafe-inline with nonce-based script execution
- Add IP-based rate limiting (supplements session-based)
- Add visibility checks to bulk operations
- Validate internal visibility requires groups
- Optimize user activity query (JOINs vs subqueries)
- Update documentation with design decisions and security info

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
README.md
@@ -2,6 +2,16 @@
A feature-rich PHP-based ticketing system designed for tracking and managing data center infrastructure issues with enterprise-grade workflow management and a retro terminal aesthetic.
**Documentation**: [Wiki](https://wiki.lotusguild.org/en/Services/service-tinker-tickets)
## Design Decisions
The following features are intentionally **not planned** for this system:
- **Email Integration**: Discord webhooks are the chosen notification method
- **SLA Management**: Not required for internal infrastructure use
- **Time Tracking**: Out of scope for current requirements
- **OAuth2/External Identity Providers**: Authelia is the only approved SSO method
## Core Features
### Dashboard & Ticket Management
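Review bot: the new Design Decisions section records that Authelia is the only approved SSO method but does not say what that implies for deployment; since authentication is then delegated to the SSO layer in front of the application, add one sentence here (or under Security Features) stating that the application must only be exposed behind Authelia and must not be reachable directly, so operators do not deploy it without that protection. The Discord webhooks item would likewise benefit from a note on what ticket data the notifications carry, since the webhook channel becomes part of the data's exposure surface.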
@@ -104,12 +114,14 @@ Access all admin pages via the **Admin dropdown** in the dashboard header.
| `?` | Show keyboard shortcuts help |
### Security Features
- **CSRF Protection**: Token-based protection on all forms
- **Rate Limiting**: API rate limiting to prevent abuse
- **Security Headers**: CSP, X-Frame-Options, X-Content-Type-Options
- **SQL Injection Prevention**: All queries use prepared statements
- **XSS Protection**: All output properly escaped
- **CSRF Protection**: Token-based protection with constant-time comparison
- **Rate Limiting**: Session-based AND IP-based rate limiting to prevent abuse
- **Security Headers**: CSP with nonces (no unsafe-inline), X-Frame-Options, X-Content-Type-Options
- **SQL Injection Prevention**: All queries use prepared statements with parameter binding
- **XSS Protection**: HTML escaped in markdown parser, CSP headers block inline scripts
- **Audit Logging**: Complete audit trail of all actions
- **Visibility Enforcement**: Access checks on ticket views, downloads, and bulk operations
- **Collision-Safe IDs**: Ticket IDs verified unique before creation
## Technical Architecture
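Review bot: the Security Headers bullet now claims "CSP with nonces (no unsafe-inline)", but the commit message only says unsafe-inline was replaced for script execution; if style-src still carries 'unsafe-inline', the README overstates the policy, so either narrow the wording to "no unsafe-inline for scripts" or confirm the directive was removed from every source list. On the Rate Limiting bullet, "IP-based" is only meaningful if the client address is derived correctly behind the SSO/reverse proxy the Design Decisions imply; document which address the limiter uses and that forwarded-address headers are only trusted from the proxy, otherwise every request appears to come from one IP or the limit can be sidestepped by spoofing the header.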