Zimeng Xiong
0476315322
* feat(security): implement CSRF protection * chore: clean up CSRF implementation - Remove unused generateCsrfToken export from security.ts - Remove redundant /csrf-token path check (GET already exempt) - Restore defineConfig wrapper in vitest.config.ts for type safety * add K8S note in README, fix broken e2e * feat/upload-bar (#30) * feat/upload-bar: add a upload bar when user upload file, indicate the upload process * feat/save-loading-status: add save status when click back button from editor * fix: address PR review issues in upload and save features - Replace deprecated substr() with substring() in UploadContext - Fix broken error handling that checked stale task status - Fix missing useEffect dependency in UploadStatus - Fix CSS class conflict in progress bar styling - Add error recovery for save state in Editor (reset on failure) - Use .finally() instead of .then() to ensure refresh on upload failure - Fix inconsistent indentation in UploadContext * fix e2e tests --------- Co-authored-by: Zimeng Xiong <zxzimeng@gmail.com> * chore: pre-release v0.2.1-dev * Update backend/src/security.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * fix filename/math random UUID generation --------- Co-authored-by: AdrianAcala <adrianacala017@gmail.com> Co-authored-by: adamant368 <60790941+Yiheng-Liu@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
30 lines
1.1 KiB
Markdown
30 lines
1.1 KiB
Markdown
CSRF Protection (8a78b2b)
|
|
|
|
- Implemented comprehensive CSRF (Cross-Site Request Forgery) protection for enhanced security
|
|
- Added new backend/src/security.ts module for security utilities
|
|
- Frontend API layer now handles CSRF tokens automatically
|
|
- Added integration tests for CSRF validation
|
|
|
|
Upload Progress Indicator (8f9b9b4)
|
|
|
|
- Added a visual upload progress bar when users upload files
|
|
- New UploadContext for managing upload state across components
|
|
- New UploadStatus component displaying real-time upload progress
|
|
- Save status indicator when navigating back from the editor
|
|
- Improved error handling and recovery for failed uploads
|
|
|
|
Bug Fixes
|
|
|
|
- Fixed broken e2e tests (cae8f3c)
|
|
- Replaced deprecated substr() with substring()
|
|
- Fixed stale state issues in error handling
|
|
- Fixed missing useEffect dependencies
|
|
- Fixed CSS class conflicts in progress bar styling
|
|
- Added error recovery for save state in Editor
|
|
|
|
Infrastructure
|
|
|
|
- Updated docker-compose configurations with new environment variables
|
|
- E2E test suite improvements and reliability fixes
|
|
- Added Kubernetes deployment note in README
|