mirror of
https://github.com/complexcaresolutions/cms.c2sgmbh.git
synced 2026-03-17 16:14:12 +00:00
Security Features:
- Central rate-limiter service with Redis support and memory fallback
  - Predefined limiters: publicApi, auth, email, search, form, strict
  - Automatic cleanup of stale entries
- IP allowlist/blocklist for sensitive endpoints
  - CIDR and wildcard support
  - Configurable via SEND_EMAIL_ALLOWED_IPS, BLOCKED_IPS env vars
- CSRF protection with Double Submit Cookie pattern
  - Token endpoint: GET /api/csrf-token
  - Origin header validation
- Data masking service for sensitive data
  - Automatic redaction of passwords, tokens, API keys
  - Safe logger factory for consistent logging
  - Recursive object masking for audit logs

Secret Scanning:
- Pre-commit hook for local secret detection
- GitHub Actions workflow with Gitleaks and CodeQL
- Gitleaks configuration file
- Dependency vulnerability scanning

Updated:
- /api/send-email now uses central rate-limiter and IP allowlist
- Redis lib exports getRedisClient and isRedisAvailable

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
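The commit message lists an IP allowlist/blocklist with CIDR and wildcard support driven by the SEND_EMAIL_ALLOWED_IPS and BLOCKED_IPS environment variables, but the repository's implementation is not shown on this page. The block below is an added example of how such a matcher is typically written for a TypeScript (Next.js/Payload) code base; it is not the project's own code, and every type, function and variable name in it is an assumption. It parses the comma-separated rule strings, rejects malformed rules instead of silently turning them into match-all entries, lets the blocklist override the allowlist, and fails closed when the allowlist is empty.

```typescript
// Added example, not the cms.c2sgmbh repository's code: an IPv4 allow/blocklist
// matcher with CIDR and trailing-octet wildcard rules, parsed from the kind of
// comma-separated env values the commit describes (SEND_EMAIL_ALLOWED_IPS,
// BLOCKED_IPS). All type and function names here are assumptions.

type Rule =
  | { kind: "exact"; value: number }
  | { kind: "cidr"; network: number; mask: number }
  | { kind: "wildcard"; prefix: number[] };

const IPV4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

// Dotted-quad string -> unsigned 32-bit integer, or null if malformed.
export function ipToInt(ip: string): number | null {
  const m = IPV4.exec(ip.trim());
  if (!m) return null;
  const o = m.slice(1, 5).map(Number);
  if (o.some((x) => x > 255)) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

// Parse one rule: "203.0.113.7", "10.0.0.0/8" or "192.168.1.*". Returns null
// for anything it does not understand, so a typo never becomes a match-all.
export function parseRule(raw: string): Rule | null {
  const s = raw.trim();
  if (s.includes("/")) {
    const parts = s.split("/");
    if (parts.length !== 2 || !/^\d{1,2}$/.test(parts[1])) return null;
    const bits = Number(parts[1]);
    const base = ipToInt(parts[0]);
    if (base === null || bits > 32) return null;
    // bits === 0 is special-cased: JS shift counts are taken mod 32, so
    // 0xffffffff << 32 would be 0xffffffff, not 0.
    const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
    return { kind: "cidr", network: (base & mask) >>> 0, mask };
  }
  if (s.includes("*")) {
    const parts = s.split(".");
    if (parts.length !== 4) return null;
    const prefix: number[] = [];
    for (const p of parts) {
      if (p === "*") break;
      if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
      prefix.push(Number(p));
    }
    // Only trailing octets may be wildcards: "192.*.1.5" is rejected.
    if (parts.slice(prefix.length).some((p) => p !== "*")) return null;
    return { kind: "wildcard", prefix };
  }
  const value = ipToInt(s);
  return value === null ? null : { kind: "exact", value };
}

// Parse a comma-separated env value; empty entries and invalid rules are dropped.
export function parseRuleList(envValue: string | undefined): Rule[] {
  return (envValue ?? "")
    .split(",")
    .map((e) => e.trim())
    .filter((e) => e !== "")
    .map(parseRule)
    .filter((r): r is Rule => r !== null);
}

function ruleMatches(rule: Rule, ip: number): boolean {
  switch (rule.kind) {
    case "exact":
      return rule.value === ip;
    case "cidr":
      return ((ip & rule.mask) >>> 0) === rule.network;
    case "wildcard": {
      const octets = [ip >>> 24, (ip >>> 16) & 255, (ip >>> 8) & 255, ip & 255];
      return rule.prefix.every((p, i) => octets[i] === p);
    }
    default:
      return false;
  }
}

export type Decision = "blocked" | "allowed" | "not-allowlisted" | "invalid-ip";

// Blocklist wins over allowlist; an empty allowlist denies everything (fail
// closed) because this guards a sensitive endpoint such as /api/send-email.
export function checkIp(clientIp: string, allow: Rule[], block: Rule[]): Decision {
  const ip = ipToInt(clientIp);
  if (ip === null) return "invalid-ip";
  if (block.some((r) => ruleMatches(r, ip))) return "blocked";
  if (allow.some((r) => ruleMatches(r, ip))) return "allowed";
  return "not-allowlisted";
}
```

Two points matter more than the matching itself. First, the value passed as `clientIp` must come from a trusted source: behind a reverse proxy that means the address the proxy itself sets, never the raw `X-Forwarded-For` header, which a client can prefill with an allowlisted address. Second, the matcher above handles IPv4 only; if the deployment receives IPv6 or IPv4-mapped IPv6 addresses (`::ffff:10.1.2.3`), they will be reported as `invalid-ip` and denied, which is the safe direction but needs an explicit rule set of its own.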
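The commit also describes a data masking service with recursive object masking and a safe logger factory. As an added illustration of that idea, written for this page and not taken from the repository, the block below redacts values under secret-looking keys at any depth, scrubs bearer and basic credentials that are embedded inside string values, survives circular references, and wraps the result in a logger factory so that every log line passes through the same masking. The key pattern, the placeholder strings and the function names are all assumptions.

```typescript
// Added example, not the cms.c2sgmbh repository's code: recursive masking of
// secret-bearing fields plus a small logger factory that applies it to every
// log call. Key patterns, placeholders and function names are assumptions.

// Keys whose values are redacted outright (matches accessToken, x-api-key, ...).
const SENSITIVE_KEY = /(password|passwd|secret|token|api[-_]?key|authorization|cookie)/i;
// Credentials that travel inside a string value rather than under a telltale key.
const EMBEDDED_SECRET = /\b(Bearer|Basic)\s+[A-Za-z0-9._~+/=-]+/g;
const REDACTED = "[REDACTED]";

// Returns a masked deep copy; the input object is never mutated.
// `path` holds the ancestors of the current node so true cycles are detected
// while the same object appearing twice as a sibling is still masked normally.
export function mask(value: unknown, path: WeakSet<object> = new WeakSet()): unknown {
  if (typeof value === "string") return value.replace(EMBEDDED_SECRET, `$1 ${REDACTED}`);
  if (value === null || typeof value !== "object") return value;
  if (path.has(value)) return "[Circular]";
  path.add(value);
  let out: unknown;
  if (Array.isArray(value)) {
    out = value.map((v) => mask(v, path));
  } else if (value instanceof Error) {
    // Object.entries(err) would drop name/message; keep them, masked.
    out = { name: value.name, message: mask(value.message, path) };
  } else {
    const o: Record<string, unknown> = {};
    for (const [k, v] of Object.entries(value)) {
      o[k] = SENSITIVE_KEY.test(k) ? REDACTED : mask(v, path);
    }
    out = o;
  }
  path.delete(value);
  return out;
}

export interface SafeLogger {
  info(msg: string, ctx?: unknown): void;
  error(msg: string, ctx?: unknown): void;
}

// Every line is a JSON object whose message and context have been masked, so
// callers cannot accidentally bypass redaction by logging an object directly.
export function createSafeLogger(sink: (line: string) => void): SafeLogger {
  const emit = (level: string, msg: string, ctx: unknown): void =>
    sink(JSON.stringify({ level, msg: mask(msg), ctx: mask(ctx) }));
  return {
    info: (msg, ctx = {}) => emit("info", msg, ctx),
    error: (msg, ctx = {}) => emit("error", msg, ctx),
  };
}
```

Masking by key name is a heuristic: a secret stored under a key the pattern does not anticipate (say `pwd`) is passed through untouched, and the embedded-secret regex only knows `Bearer` and `Basic` prefixes. Treat it as defence in depth behind secret scanning and careful logging, not as a guarantee, and extend the key pattern whenever an audit turns up a field it missed.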
Files:
- ..
- anleitungen
- CLAUDE_PAYLOAD_CMS.md
- IMPLEMENTIERUNGS-AUFTRAG.md
- INFRASTRUCTURE.md
- PROJECT_STATUS.md
- Prompt phase2 blocks.md
- PROMPT_CONSENT_PAYLOAD.md
- PROMPT_PAYLOAD_API_CONFIG.md
- PROMPT_PHASE1_COLLECTIONS.md
- PROMPT_PHASE4_CONTENT_MIGRATION.md
- PROMPT_PRIVACY_POLICY_PAYLOAD.md
- PROMPT_UNIVERSAL_FEATURES_PAYLOAD.md
- SECURITY_FIXES.md