podinfo

github/podinfo

Fork 0

mirror of https://github.com/stefanprodan/podinfo.git synced 2026-05-24 10:22:47 +00:00

Commit Graph

Author	SHA1	Message	Date
Stefan Prodan	4920afdafb	Improve test coverage of the HTTP API Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2026-05-20 11:07:35 +03:00
Niccolò Parlanti	6210e0a920	test(echo): assert nosniff Content-Type on echo direct-response Regression test for CVE-2026-43644, mirroring the TestStoreReadHandler_ContentType test added in #463. Verifies the echoHandler direct-response branch returns application/octet-stream, X-Content-Type-Options: nosniff, and a restrictive CSP so an HTML payload cannot be MIME-sniffed and executed. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-16 23:47:28 +02:00
JayKaku	c305843105	restructured api to api/http, api/grpc, pkg http	2024-02-24 23:44:12 +05:30

Author

SHA1

Message

Date

Stefan Prodan

4920afdafb

Improve test coverage of the HTTP API

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>

2026-05-20 11:07:35 +03:00

Niccolò Parlanti

6210e0a920

test(echo): assert nosniff Content-Type on echo direct-response

Regression test for CVE-2026-43644, mirroring the TestStoreReadHandler_ContentType
test added in #463. Verifies the echoHandler direct-response branch returns
application/octet-stream, X-Content-Type-Options: nosniff, and a restrictive CSP
so an HTML payload cannot be MIME-sniffed and executed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-16 23:47:28 +02:00

JayKaku

c305843105

restructured api to api/http, api/grpc, pkg http

2024-02-24 23:44:12 +05:30

3 Commits