5b2a2c271e
Add security logging, domain validation, and output helpers

- Add authentication failure logging to AuthMiddleware (session expiry,
  access denied, unauthenticated access attempts)
- Add UrlHelper for secure URL generation with host validation against
  configurable ALLOWED_HOSTS whitelist
- Add OutputHelper with consistent XSS-safe escaping functions (h, attr,
  json, url, css, truncate, date, cssClass)
- Add validation to AuditLogModel query parameters (pagination limits,
  date format validation, action/entity type validation, IP sanitization)
- Add APP_DOMAIN and ALLOWED_HOSTS configuration options

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-30 18:51:16 -05:00