- Add protocol validation (http/https only) to prevent SSRF via file:/ftp: URLs - Hash both apiBase+apiKey together in cache key to prevent collision attacks - Simplify frontend error detection (use TypeError instanceof instead of fragile string check) - Make smoke test error code assertion more precise with regex Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| .gitkeep | ||
| apikey-detect.test.js | ||