summaryrefslogtreecommitdiff
path: root/issues/bug_004_trello_cards_missing.md
diff options
context:
space:
mode:
authorPeter Stone <thepeterstone@gmail.com>2026-01-26 07:01:25 -1000
committerPeter Stone <thepeterstone@gmail.com>2026-01-26 07:01:25 -1000
commit8c2c88f90039e87b29ce32cd31b7b0361b5803d0 (patch)
tree6099e498084b876d343b071bbdf2cb62838eae7d /issues/bug_004_trello_cards_missing.md
parentf5b997bfc4c77ef262726d14b30d387eb7acd1c6 (diff)
Phase 1: Critical security fixes
- Remove default password fallback - require DEFAULT_PASS in all environments - Fix XSS vulnerabilities in HTML generation (handlers.go:795,920) - Add security headers middleware (X-Frame-Options, CSP, HSTS, etc.) - Add rate limiting on login endpoint (5 req/15min per IP) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Diffstat (limited to 'issues/bug_004_trello_cards_missing.md')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-28 15:06:13 +0000