security: add rate limiting, input validation, and error sanitization

- Add src/server/rate-limit.ts (in-memory, no deps)
- Rate limit high-risk endpoints: /api/send (30/min), /api/terminal-input (60/min), /api/files POST (30/min), /api/debug-analyze (10/min)
- Add Zod schema validation to /api/send
- Sanitize error messages in production (hide stack traces)
- Add zod dependency
Eric
2026-02-12 10:58:55 -05:00
parent da70a7ca1a
commit 010247eda0
6 changed files with 131 additions and 34 deletions

@@ -55,7 +55,8 @@
"xterm-addon-fit": "^0.8.0",
"xterm-addon-search": "^0.13.0",
"xterm-addon-web-links": "^0.9.0",
"zustand": "^5.0.11"
"zustand": "^5.0.11",
"zod": "^3.25.76"
},
"devDependencies": {
"@tanstack/eslint-config": "^0.3.0",
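Review bot: "zod" is appended after "zustand" at the end of the dependencies block, which breaks the alphabetical order the neighbouring entries follow (the xterm-addon-* packages, then zustand). Placing `"zod": "^3.25.76",` before the "zustand" line keeps the list sorted and leaves the existing last entry untouched, so the diff would be a single added line. Because the commit message makes request validation on /api/send depend on this package, also check that the lockfile change is included in this commit so the caret range ^3.25.76 resolves to a pinned, reviewed version on install.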