github/podinfo
1
0
Fork 0
mirror of https://github.com/stefanprodan/podinfo.git synced 2026-05-23 18:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
448199b45a4241f1897b214ea1ca3093b6e967e7
podinfo/pkg/api/http
History
Niccolò Parlanti 6210e0a920 test(echo): assert nosniff Content-Type on echo direct-response 
Regression test for CVE-2026-43644, mirroring the TestStoreReadHandler_ContentType
test added in #463. Verifies the echoHandler direct-response branch returns
application/octet-stream, X-Content-Type-Options: nosniff, and a restrictive CSP
so an HTML payload cannot be MIME-sniffed and executed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-16 23:47:28 +02:00
..
docs
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
cache.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
chunked_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
chunked.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
configs.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
delay_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
delay.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
echo_test.go
test(echo): assert nosniff Content-Type on echo direct-response
2026-05-16 23:47:28 +02:00
echo.go
fix(echo): set Content-Type to prevent MIME-sniff XSS (CVE-2026-43644)
2026-05-15 12:51:00 +02:00
echows.go
fix: panic when the WebSocket endpoint is under load
2024-05-23 10:01:01 +02:00
env_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
env.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
headers_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
headers.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
health_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
health.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
http.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
index.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
info_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
info.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
logging.go
feat(logging): add trace_id to debug log line
2025-03-10 21:48:25 +01:00
metrics.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
mock.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
panic.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
server.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
status_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
status.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
store_test.go
Fix path traversal in /store endpoint
2026-03-14 15:02:25 +02:00
store.go
Fix path traversal in /store endpoint
2026-03-14 15:02:25 +02:00
token_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
token.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
tracer.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
version_test.go
restructured api to api/http, api/grpc, pkg http
2024-02-24 23:44:12 +05:30
version.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00