mirror of
https://github.com/coollabsio/coolify.git
synced 2026-03-11 08:55:47 +00:00
Add validation to ensure sentinel tokens contain only safe characters (alphanumeric, dots, hyphens, underscores, plus, forward slash, equals), preventing OS command injection vulnerabilities when tokens are interpolated into shell commands. - Add ServerSetting::isValidSentinelToken() validation method - Validate tokens in StartSentinel action and metrics queries - Improve shell argument escaping with escapeshellarg() - Add comprehensive test coverage for token validation |
||
|---|---|---|
| .. | ||
| AuthorizesResourceCreation.php | ||
| CalculatesExcludedStatus.php | ||
| ClearsGlobalSearchCache.php | ||
| DeletesUserSessions.php | ||
| EnvironmentVariableAnalyzer.php | ||
| EnvironmentVariableProtection.php | ||
| ExecuteRemoteCommand.php | ||
| HasConfiguration.php | ||
| HasMetrics.php | ||
| HasNotificationSettings.php | ||
| HasSafeStringAttribute.php | ||
| SaveFromRedirect.php | ||
| SshRetryable.php | ||