release: v1.6.1 link sanitization and backlog updates

2026-04-27 16:25:35 -07:00
parent d9eba53926
commit 28aa40c42a
5 changed files with 60 additions and 13 deletions

@@ -13,9 +13,9 @@ Total identified items: 26
- P3: Nice-to-have polish.
## Top 10 (Urgency Order)
1. [P0] Add authentication/authorization for all write and admin endpoints.
2. [P0] Add CSRF/origin protection for browser-initiated state-changing requests.
3. [P0] Block unsafe URL schemes in rendered search-result links (e.g., javascript:).
1. [P0][DONE] Add authentication/authorization for all write and admin endpoints.
2. [P0][DONE] Add CSRF/origin protection for browser-initiated state-changing requests.
3. [P0][DONE] Block unsafe URL schemes in rendered search-result links (e.g., javascript:).
4. [P0] Add rate limiting and request body size limits for chat/search/profile APIs.
5. [P1] Restrict settings updates to an allowlist of valid keys.
6. [P1] Add pagination + hard caps on list endpoints (memories, conversations, message history).
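
Review bot: Items 1 to 3 of the Top 10 list are changed to [P0][DONE] with no pointer to the change that closed them, and the commit title names only link sanitization, so a reader of this file cannot tell where the authentication/authorization and CSRF/origin work landed. Consider appending the release or commit reference to each [DONE] line. For item 3, the wording "Block unsafe URL schemes ... (e.g., javascript:)" reads as a blocklist; if the fix instead permits only a fixed set of known-safe schemes, say so in the entry so the closure criterion is checkable. With three closed entries still occupying the first slots, the "Urgency Order" list no longer starts at the most urgent open item (item 4, rate limiting and request body size limits); moving closed items to a separate section would keep the ordering meaningful.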