rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/tests
History
Andras Bacsai 096d4369e5 fix(sentinel): add token validation to prevent command injection 
Add validation to ensure sentinel tokens contain only safe characters
(alphanumeric, dots, hyphens, underscores, plus, forward slash, equals),
preventing OS command injection vulnerabilities when tokens are
interpolated into shell commands.

- Add ServerSetting::isValidSentinelToken() validation method
- Validate tokens in StartSentinel action and metrics queries
- Improve shell argument escaping with escapeshellarg()
- Add comprehensive test coverage for token validation
2026-03-10 22:19:19 +01:00
..
Browser test: add dashboard test and improve browser test coverage 2026-02-11 16:37:40 +01:00
Feature fix(sentinel): add token validation to prevent command injection 2026-03-10 22:19:19 +01:00
Traits test: setup database for upcoming tests 2024-12-04 12:43:52 +01:00
Unit Merge remote-tracking branch 'origin/next' into 8826-investigate-postgresql-restart 2026-03-10 21:46:03 +01:00
v4 test: add dashboard test and improve browser test coverage 2026-02-11 16:37:40 +01:00
CreatesApplication.php Fix styling 2024-06-10 20:43:34 +00:00
DuskTestCase.php Refactor DuskTestCase.php to use a hardcoded base URL 2024-10-17 21:26:06 +02:00
Pest.php test: add Pest browser testing with SQLite :memory: schema 2026-02-11 15:25:47 +01:00
TestCase.php init of v4 🌮 2023-03-17 15:33:48 +01:00