mostalive/firehose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
firehose/app/lib/firehose_web
History
Willem van den Ende 6887ae4087 Security: Validate blog controller inputs (page param, blog ID) 
Ran a claude /security-review, fixed two vulnerabilities

  Use a plug to resolve blog_id, returning a clean 404 for unknown blogs
  instead of raising with inspect(). Parse page param with Integer.parse
  so invalid values (non-numeric, negative, zero) fall back to page 1
  instead of crashing. Add 5 tests covering these cases.a
2026-03-17 12:17:29 +00:00
..
components
Self host fonts
2026-03-17 11:43:32 +00:00
controllers
Security: Validate blog controller inputs (page param, blog ID)
2026-03-17 12:17:29 +00:00
endpoint.ex
Static blog with front page summary
2026-03-17 11:17:21 +00:00
gettext.ex
Static blog with front page summary
2026-03-17 11:17:21 +00:00
router.ex
Static blog with front page summary
2026-03-17 11:17:21 +00:00
telemetry.ex
Static blog with front page summary
2026-03-17 11:17:21 +00:00