SpecForge

notkshitij/SpecForge

Fork 0

Commit Graph

Author	SHA1	Message	Date
Kshitij	0d8b2cdb3f	security: add helmet, rate limiting, strict CORS, input sanitization. - Add helmet for secure HTTP response headers. - Add express-rate-limit: 60 req/min general, 20 req/min on LLM endpoints. - Restrict CORS to localhost origins in dev, CORS_ORIGIN env var in prod. - Cap request body at 16kb. - Add sanitizeText() to strip control chars on all string inputs. - Add isValidStandardId() regex guard on :id param and standard_id fields. - All route handlers use sanitized values; no raw req.body/req.query access.	2026-05-02 23:59:33 +05:30
Kshitij	3a0c32ea8f	feat: add web server backend.	2026-04-28 23:56:07 +05:30

Author

SHA1

Message

Date

Kshitij

0d8b2cdb3f

security: add helmet, rate limiting, strict CORS, input sanitization.

- Add helmet for secure HTTP response headers.
- Add express-rate-limit: 60 req/min general, 20 req/min on LLM endpoints.
- Restrict CORS to localhost origins in dev, CORS_ORIGIN env var in prod.
- Cap request body at 16kb.
- Add sanitizeText() to strip control chars on all string inputs.
- Add isValidStandardId() regex guard on :id param and standard_id fields.
- All route handlers use sanitized values; no raw req.body/req.query access.

2026-05-02 23:59:33 +05:30

Kshitij

3a0c32ea8f

feat: add web server backend.

2026-04-28 23:56:07 +05:30

2 Commits