security: add rate limiting, input validation, and error sanitization
- Add src/server/rate-limit.ts (in-memory, no deps)
- Rate limit high-risk endpoints: /api/send (30/min), /api/terminal-input (60/min), /api/files POST (30/min), /api/debug-analyze (10/min)
- Add Zod schema validation to /api/send
- Sanitize error messages in production (hide stack traces)
- Add zod dependency
@@ -55,7 +55,8 @@
|
||||
"xterm-addon-fit": "^0.8.0",
|
||||
"xterm-addon-search": "^0.13.0",
|
||||
"xterm-addon-web-links": "^0.9.0",
|
||||
"zustand": "^5.0.11"
|
||||
"zustand": "^5.0.11",
|
||||
"zod": "^3.25.76"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@tanstack/eslint-config": "^0.3.0",
|
||||
|
||||
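Review bot: the new "zod": "^3.25.76" entry at the end of the dependencies block is a caret range on the library that the commit message says now validates /api/send input, and no lockfile change is visible alongside it. If the regenerated lockfile is not already part of this commit, include it so that the version installed in production is the one that was reviewed and tested. Minor style point on the same line: the other entries shown are in alphabetical order, and "zod" placed after "zustand" breaks that; moving it one line up keeps the list sorted and avoids a noisy reorder the next time the manifest is rewritten by the package manager.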