78db1fa684
- Add IsURLSafe() function to webhook service blocking private IPs, localhost, and cloud metadata endpoints (SSRF protection) - Implement real validate_track_access() in stream server querying DB for track visibility, ownership, and purchase status - Remove dangerous JWT fallback user in chat server that allowed deleted users to maintain access with forged credentials - Add upper limit (100) on pagination in profile, track, and room handlers - Fix Dockerfile.production healthcheck path to /api/v1/health Co-authored-by: Cursor <cursoragent@cursor.com> |
||
|---|---|---|
| .. | ||
| auth | ||
| collaboration | ||
| education | ||
| marketplace | ||
| social | ||
| track | ||