mirror of https://github.com/garrytan/gstack.git
Community PR #806 by @mr-k-man (security audit round 2, new parts only).

- CSS value validation (DANGEROUS_CSS) in cdp-inspector, write-commands, extension inspector
- Queue file permissions (0o700/0o600) in cli, server, sidebar-agent
- escapeRegExp for frame --url ReDoS fix
- Responsive screenshot path validation with validateOutputPath
- State load cookie filtering (reject localhost/.internal/metadata cookies)
- Session ID format validation in loadSession
- /health endpoint: remove currentUrl and currentMessage fields
- QueueEntry interface + isValidQueueEntry validator for sidebar-agent
- SIGTERM->SIGKILL escalation in timeout handler
- Viewport dimension clamping (1-16384), wait timeout clamping (1s-300s)
- Cookie domain validation in cookie-import and cookie-import-browser
- DocumentFragment-based tab switching (XSS fix in sidepanel)
- pollInProgress reentrancy guard for pollChat
- toggleClass/injectCSS input validation in extension inspector
- Snapshot annotated path validation with realpathSync
- 714-line security-audit-r2.test.ts + 33-line learnings-injection.test.ts

Co-Authored-By: mr-k-man <mr-k-man@users.noreply.github.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

||
|---|---|---|
| activity.ts | ||
| browser-manager.ts | ||
| buffers.ts | ||
| bun-polyfill.cjs | ||
| cdp-inspector.ts | ||
| cli.ts | ||
| commands.ts | ||
| config.ts | ||
| cookie-import-browser.ts | ||
| cookie-picker-routes.ts | ||
| cookie-picker-ui.ts | ||
| find-browse.ts | ||
| meta-commands.ts | ||
| platform.ts | ||
| read-commands.ts | ||
| server.ts | ||
| sidebar-agent.ts | ||
| sidebar-utils.ts | ||
| snapshot.ts | ||
| url-validation.ts | ||
| welcome.html | ||
| write-commands.ts | ||