coolify

History

Andras Bacsai 103d5b6c06 fix: sanitize error output in server validation logs Escape dynamic error messages with htmlspecialchars() before concatenating into HTML strings stored in validation_logs. Add a Purify-based mutator on Server model as defense-in-depth, with a dedicated HTMLPurifier config that allows only safe structural tags. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 18:36:36 +01:00
..
Show.php	fix: sanitize error output in server validation logs	2026-03-26 18:36:36 +01:00

Andras Bacsai 103d5b6c06 fix: sanitize error output in server validation logs

Escape dynamic error messages with htmlspecialchars() before
concatenating into HTML strings stored in validation_logs. Add a
Purify-based mutator on Server model as defense-in-depth, with a
dedicated HTMLPurifier config that allows only safe structural tags.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-26 18:36:36 +01:00

Show.php

fix: sanitize error output in server validation logs

2026-03-26 18:36:36 +01:00