Commit graph

7 commits

Author SHA1 Message Date
bb02128b28 fix: stabilize guard responses and validation typing 2026-02-17 11:47:55 +00:00
063dae411c security: harden payload endpoints and access controls 2026-02-17 10:41:51 +00:00
3ccb8bd585 feat(BlogWoman): add Favorites, Series collections and content blocks
Add new collections and blocks for BlogWoman affiliate and video content:

Collections:
- Favorites: Affiliate products with categories, badges, and price ranges
- Series: YouTube series with custom branding (logo, colors)

Blocks:
- FavoritesBlock: Grid/list/carousel display for affiliate products
- SeriesBlock: Series overview with filtering
- SeriesDetailBlock: Single series page with hero
- VideoEmbedBlock: YouTube/Vimeo embed with privacy mode
- FeaturedContentBlock: Curated mixed-content collections

Also includes documentation updates for deployment and API guides.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-08 14:57:58 +00:00
624b3dc605 docs(security): update with custom login page and redirect validation
- Add environment table (Production/Staging URLs with TRUST_PROXY)
- Document browser form redirect with safe URL validation
- Add Open Redirect Prevention details
- Document custom admin login page (src/app/(payload)/admin/login/)
- Add file reference table for all security-related files
- Update changelog with 18.12.2025 entry

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-18 16:06:09 +00:00
63b97c14f2 feat(security): enhance CSRF, IP allowlist, and rate limiter with strict production checks
- CSRF: Require CSRF_SECRET in production, throw error on missing secret
- IP Allowlist: TRUST_PROXY must be explicitly set to 'true' for proxy headers
- Rate Limiter: Add proper proxy trust handling for client IP detection
- Login: Add browser form redirect support with safe URL validation
- Add custom admin login page with styled form
- Update CLAUDE.md with TRUST_PROXY documentation
- Update tests for new security behavior

BREAKING: Server will not start in production without CSRF_SECRET or PAYLOAD_SECRET

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-18 05:06:15 +00:00
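The behaviour the two commits above describe (TRUST_PROXY honoured only when it is exactly the string 'true', client IP taken from proxy headers for the rate limiter, safe-URL validation of the post-login redirect, and refusing to start in production without CSRF_SECRET or PAYLOAD_SECRET) as an added TypeScript example. This is not the project's own code: the function names, the placeholder allowed-origin list, the "last trusted hop of X-Forwarded-For" rule and the choice of which secret variable wins are assumptions.

```typescript
import { isIP } from 'node:net';

// Constructed for this example: the admin origins a deployment would accept as
// absolute redirect targets (the real environment table is not reproduced here).
export const ASSUMED_ALLOWED_ORIGINS: readonly string[] = [
  'https://www.example.com',
  'https://staging.example.com',
];

// Parsing base for relative values. Anything that resolves to this origin
// started life as a same-site path, never as "//host" (which yields another origin).
const RELATIVE_BASE = 'https://placeholder.invalid';

/** Return `raw` only if it is a same-site path or an absolute URL on an allowed
 *  origin; otherwise return `fallback`. Guards the post-login redirect against
 *  open-redirect tricks (//host, backslash normalisation, javascript:, user@host). */
export function safeRedirectTarget(
  raw: string | null | undefined,
  allowedOrigins: readonly string[] = ASSUMED_ALLOWED_ORIGINS,
  fallback = '/admin',
): string {
  if (typeof raw !== 'string') return fallback;
  const value = raw.trim();
  if (value === '' || value.length > 2048) return fallback;
  // Browsers normalise "\" to "/" ("/\evil" becomes "//evil") and control
  // characters can split headers: reject rather than try to normalise.
  if (/[\u0000-\u001F\u007F\\]/.test(value)) return fallback;

  let parsed: URL;
  try {
    parsed = new URL(value, RELATIVE_BASE);
  } catch {
    return fallback;
  }
  // Drops javascript:, data:, mailto: and similar schemes.
  if (parsed.protocol !== 'https:' && parsed.protocol !== 'http:') return fallback;

  if (parsed.origin === RELATIVE_BASE) {
    // Genuine same-site path. Re-serialise so the caller never echoes `raw`.
    return parsed.pathname + parsed.search + parsed.hash;
  }
  // Absolute URL: exact origin match only. "www.example.com.evil" and
  // "www.example.com@evil" both fail because their origin is the evil host.
  return allowedOrigins.includes(parsed.origin) ? parsed.href : fallback;
}

/** Resolve the client IP for rate limiting and allowlisting. Proxy headers are
 *  trusted only when TRUST_PROXY is exactly 'true'. With `trustedHops` proxies
 *  that each append to X-Forwarded-For, the entry that many places from the end
 *  is the one a trusted proxy wrote; earlier entries are attacker-controlled. */
export function clientIp(
  remoteAddress: string,
  headers: Record<string, string | undefined>, // lower-cased names, as Node delivers them
  trustProxy: string | undefined,
  trustedHops = 1,
): string {
  if (trustProxy !== 'true') return remoteAddress; // "1", "TRUE", unset: not trusted
  const xff = headers['x-forwarded-for'];
  if (!xff) return remoteAddress;
  const chain = xff.split(',').map((s) => s.trim()).filter((s) => s !== '');
  const candidate = chain[chain.length - trustedHops];
  // Malformed or missing entry: fall back to the socket address instead of
  // trusting an unparseable header value.
  return candidate !== undefined && isIP(candidate) !== 0 ? candidate : remoteAddress;
}

/** Mirrors the BREAKING note: refuse to start in production without a secret.
 *  Assumption: either CSRF_SECRET or PAYLOAD_SECRET satisfies the check. */
export function assertProductionSecrets(env: Record<string, string | undefined>): void {
  if (env.NODE_ENV === 'production' && !env.CSRF_SECRET && !env.PAYLOAD_SECRET) {
    throw new Error('CSRF_SECRET or PAYLOAD_SECRET must be set in production');
  }
}
```

The redirect check re-serialises the parsed URL instead of returning the caller's string, so whatever the browser would have done with an odd encoding is decided by the same parser that approved the value. For the IP resolver, note that "first entry of X-Forwarded-For" is the common mistake: a client can send its own header, and a proxy that appends leaves that spoofed value at the front.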
6ccb50c5f4 docs: consolidate and update documentation
- Remove obsolete instruction documents (PROMPT_*.md, SECURITY_FIXES.md)
- Update CLAUDE.md with security features, test suite, audit logs
- Merge Techstack_Dokumentation into INFRASTRUCTURE.md
- Update SECURITY.md with custom login route documentation
- Add changelog to TODO.md
- Update email service and data masking for SMTP error handling
- Extend test coverage for CSRF and data masking

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-09 09:25:00 +00:00
b5f319bc99 docs: add SECURITY.md and update TODO.md
- Created docs/anleitungen/SECURITY.md with comprehensive
  security documentation covering:
  - Rate Limiter configuration and usage
  - IP Allowlist/Blocklist with CIDR and wildcard support
  - CSRF Protection (Double Submit Cookie pattern)
  - Data Masking for sensitive fields in logs
  - Pre-commit hook for secret detection
  - CI/CD security workflow
  - Test suite overview (143 tests)
  - Production checklist and monitoring recommendations

- Updated TODO.md:
  - Marked AuditLogs as completed
  - Marked CI/CD Pipeline as completed
  - Added SECURITY.md to documentation section

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-08 00:32:12 +00:00
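The IP allowlist/blocklist matching with CIDR and wildcard rules that the SECURITY.md commit above lists, as an added TypeScript example rather than the project's code. Assumptions: IPv4 only, a blocklist hit wins over any allowlist match, and an empty allowlist means every address not blocked is allowed.

```typescript
// Parse dotted-quad IPv4 into an unsigned 32-bit integer; null if malformed.
function ipv4ToInt(ip: string): number | null {
  const parts = ip.trim().split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p)) return null;
    const v = Number(p);
    if (v > 255) return null;
    n = (n << 8) | v;
  }
  return n >>> 0; // force unsigned so 192.x.x.x compares correctly
}

/** True if `ip` matches one rule. Rule forms: exact "10.0.0.5",
 *  CIDR "10.0.0.0/8", or per-octet wildcard "192.168.*.*". */
export function matchesRule(ip: string, rule: string): boolean {
  const addr = ipv4ToInt(ip);
  if (addr === null) return false; // unparseable client IP never matches
  const r = rule.trim();

  if (r.includes('/')) {
    const [base, bitsStr] = r.split('/');
    const bits = Number(bitsStr);
    const baseInt = ipv4ToInt(base);
    if (baseInt === null || !Number.isInteger(bits) || bits < 0 || bits > 32) return false;
    // JS shifts are mod 32, so /0 needs its own case.
    const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
    return ((addr & mask) >>> 0) === ((baseInt & mask) >>> 0);
  }

  if (r.includes('*')) {
    const ruleParts = r.split('.');
    const ipParts = ip.trim().split('.');
    if (ruleParts.length !== 4) return false;
    return ruleParts.every((p, i) => p === '*' || p === ipParts[i]);
  }

  return ipv4ToInt(r) === addr;
}

/** Blocklist is checked first; an empty allowlist means "no restriction". */
export function isAllowed(ip: string, allowlist: readonly string[], blocklist: readonly string[]): boolean {
  if (blocklist.some((rule) => matchesRule(ip, rule))) return false;
  if (allowlist.length === 0) return true;
  return allowlist.some((rule) => matchesRule(ip, rule));
}
```

Feed this the address returned by a proxy-aware client-IP resolver, never the raw socket address behind a reverse proxy, or every request will appear to come from the proxy and a single allowlist entry will admit the whole Internet.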