coolify

History

Andras Bacsai a05d4e3a4b fix(database): tighten Postgres init script filename handling Validate new init-script filenames against path traversal and shell metacharacters via a new validateFilenameSafe() helper, and harden the write/delete paths with basename() + escapeshellarg() so legacy rows still deploy and can be cleaned up without regressions. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-20 21:26:34 +02:00
..
General.php	fix(database): tighten Postgres init script filename handling	2026-04-20 21:26:34 +02:00

Andras Bacsai a05d4e3a4b fix(database): tighten Postgres init script filename handling

Validate new init-script filenames against path traversal and shell
metacharacters via a new validateFilenameSafe() helper, and harden the
write/delete paths with basename() + escapeshellarg() so legacy rows
still deploy and can be cleaned up without regressions.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-04-20 21:26:34 +02:00

General.php

fix(database): tighten Postgres init script filename handling

2026-04-20 21:26:34 +02:00