rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/tests
History
Andras Bacsai e1d4b4682e fix: harden TrustHosts middleware and use base_url() for password reset links 
- Fix circular cache dependency in TrustHosts where handle() checked cache
  before hosts() could populate it, causing host validation to never activate
- Validate both Host and X-Forwarded-Host headers against trusted hosts list
  (X-Forwarded-Host is checked before TrustProxies applies it to the request)
- Use base_url() instead of url() for password reset link generation so the
  URL is derived from server-side config (FQDN / public IP) instead of the
  request context
- Strip port from X-Forwarded-Host before matching (e.g. host:443 → host)
- Add tests for host validation, cache population, and reset URL generation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-26 18:39:54 +01:00
..
Browser test: add dashboard test and improve browser test coverage 2026-02-11 16:37:40 +01:00
Feature fix: harden TrustHosts middleware and use base_url() for password reset links 2026-03-26 18:39:54 +01:00
Traits test: setup database for upcoming tests 2024-12-04 12:43:52 +01:00
Unit fix: add URL validation for GitHub source api_url and html_url fields 2026-03-26 13:45:33 +01:00
v4 feat(livewire): add selectedActions parameter and error handling to delete methods 2026-03-11 15:04:45 +01:00
CreatesApplication.php Fix styling 2024-06-10 20:43:34 +00:00
DuskTestCase.php Refactor DuskTestCase.php to use a hardcoded base URL 2024-10-17 21:26:06 +02:00
Pest.php test: add Pest browser testing with SQLite :memory: schema 2026-02-11 15:25:47 +01:00
TestCase.php init of v4 🌮 2023-03-17 15:33:48 +01:00