screentinker/frontend
ScreenTinker f57fc5ad81 Security hardening: auth checks, XSS escaping, input validation
- Add requireGroupOwnership middleware to all group endpoints
- Whitelist allowed command types (screen_on/off, launch, update, reboot, shutdown)
- Validate color format as #RRGGBB
- Escape all user-controlled strings (device/group names, emails) in dashboard HTML
- Restrict trust proxy to first hop only (prevents IP spoofing + rate limit bypass)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 22:09:40 -05:00
assets Initial open source release 2026-04-08 12:14:53 -05:00
css Initial open source release 2026-04-08 12:14:53 -05:00
js Security hardening: auth checks, XSS escaping, input validation 2026-04-09 22:09:40 -05:00
legal Initial open source release 2026-04-08 12:14:53 -05:00
index.html Move player downloads into Add Display modal for discoverability 2026-04-08 15:04:33 -05:00
landing.html Initial open source release 2026-04-08 12:14:53 -05:00
manifest.json Initial open source release 2026-04-08 12:14:53 -05:00
robots.txt Initial open source release 2026-04-08 12:14:53 -05:00
sitemap.xml Initial open source release 2026-04-08 12:14:53 -05:00
sw-admin.js Initial open source release 2026-04-08 12:14:53 -05:00