cms.c2sgmbh/docs/anleitungen
Martin Porwoll 63b97c14f2 feat(security): enhance CSRF, IP allowlist, and rate limiter with strict production checks
- CSRF: Require CSRF_SECRET in production, throw error on missing secret
- IP Allowlist: TRUST_PROXY must be explicitly set to 'true' for proxy headers
- Rate Limiter: Add proper proxy trust handling for client IP detection
- Login: Add browser form redirect support with safe URL validation
- Add custom admin login page with styled form
- Update CLAUDE.md with TRUST_PROXY documentation
- Update tests for new security behavior

BREAKING: Server will not start in production without CSRF_SECRET or PAYLOAD_SECRET

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-18 05:06:15 +00:00
| File | Last commit | Date |
|---|---|---|
| ANALYTICS_IMPLEMENTATION_GUIDE.md | feat: add super admin role and update documentation | 2025-12-05 14:26:08 +00:00 |
| API_ANLEITUNG.md | feat: add super admin role and update documentation | 2025-12-05 14:26:08 +00:00 |
| BILDOPTIMIERUNG.md | test: add E2E and integration tests with documentation | 2025-12-01 08:19:52 +00:00 |
| framework-monitoring.md | chore: code cleanup, TypeScript fixes, and dependency updates | 2025-12-15 09:02:58 +00:00 |
| FRONTEND.md | docs: separate frontend tasks and add documentation summary | 2025-12-11 15:02:04 +00:00 |
| SECURITY.md | feat(security): enhance CSRF, IP allowlist, and rate limiter with strict production checks | 2025-12-18 05:06:15 +00:00 |
| SEO_ERWEITERUNG.md | test: add E2E and integration tests with documentation | 2025-12-01 08:19:52 +00:00 |
| TODO.md | feat(security): enhance CSRF, IP allowlist, and rate limiter with strict production checks | 2025-12-18 05:06:15 +00:00 |
| UNIVERSAL_FEATURES.md | test: add E2E and integration tests with documentation | 2025-12-01 08:19:52 +00:00 |