github/podinfo
1
0
Fork 0
mirror of https://github.com/stefanprodan/podinfo.git synced 2026-05-22 09:22:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6210e0a92062f450a16dc0bdd90b9ef476608456
podinfo/pkg/api/http
History
Niccolò Parlanti 6210e0a920 test(echo): assert nosniff Content-Type on echo direct-response 
Regression test for CVE-2026-43644, mirroring the TestStoreReadHandler_ContentType
test added in #463. Verifies the echoHandler direct-response branch returns
application/octet-stream, X-Content-Type-Options: nosniff, and a restrictive CSP
so an HTML payload cannot be MIME-sniffed and executed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-16 23:47:28 +02:00
..
docs
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
cache.go
chunked_test.go
chunked.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
configs.go
delay_test.go
delay.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
echo_test.go
test(echo): assert nosniff Content-Type on echo direct-response
2026-05-16 23:47:28 +02:00
echo.go
fix(echo): set Content-Type to prevent MIME-sniff XSS (CVE-2026-43644)
2026-05-15 12:51:00 +02:00
echows.go
fix: panic when the WebSocket endpoint is under load
2024-05-23 10:01:01 +02:00
env_test.go
env.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
headers_test.go
headers.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
health_test.go
health.go
http.go
index.go
info_test.go
info.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
logging.go
feat(logging): add trace_id to debug log line
2025-03-10 21:48:25 +01:00
metrics.go
mock.go
panic.go
server.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
status_test.go
status.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
store_test.go
Fix path traversal in /store endpoint
2026-03-14 15:02:25 +02:00
store.go
Fix path traversal in /store endpoint
2026-03-14 15:02:25 +02:00
token_test.go
token.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00
tracer.go
version_test.go
version.go
Removed reference to localhost from swagger
2024-04-09 08:54:38 +02:00