watchdog/internal
NotAShelf 98611ca452
api/handler: fix X-Real-IP header validation
When trusted proxy headers are enabled, the code accepted `X-Real-IP`
without validating it. The attacker could simply set `X-Real-IP` to an
arbitrary value and that IP would be recorded as is. We validate the IP format
and ensure it's not from a trusted proxy, and add test cases.


Signed-off-by: NotAShelf <raf@notashelf.dev>
Change-Id: Ic1e761ea623a69371a28ad15d465d6c66a6a6964
2026-03-10 10:40:03 +03:00
aggregate aggreggate/uniques: use string builder for hashing 2026-03-10 08:43:50 +03:00
api api/handler: fix X-Real-IP header validation 2026-03-10 10:40:03 +03:00
config internal/aggergate: make HLL state path configurable 2026-03-02 22:38:19 +03:00
health various: add internal health and runtime metrics 2026-03-02 22:38:28 +03:00
limits various: extract magic numbers into named constants 2026-03-02 22:38:24 +03:00
normalize various: extract magic numbers into named constants 2026-03-02 22:38:24 +03:00
ratelimit internal/ratelimit: prevent time drift in TokenBucket refills 2026-03-02 22:38:23 +03:00