davide/ecommerce-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0395a780080d3378407d41e52893527b2b2c710b
ecommerce-platform/app/src/lib
T
History
davide 2a6c3a1222 fix(security): validate file uploads with magic bytes, remove SVG from favicon whitelist 
- Add validateImageMagicBytes() to storage.ts reading first 12 bytes
  to verify JPEG/PNG/WebP/ICO signatures regardless of declared MIME type
- Remove image/svg+xml from favicon upload whitelist (SVG can embed scripts)
- Apply magic bytes check in product image and favicon upload endpoints
2026-05-19 10:09:53 +02:00
..
auth.ts
Commit iniziale
2026-05-18 15:25:38 +02:00
email.ts
Commit iniziale
2026-05-18 15:25:38 +02:00
prisma.ts
Commit iniziale
2026-05-18 15:25:38 +02:00
storage.ts
fix(security): validate file uploads with magic bytes, remove SVG from favicon whitelist
2026-05-19 10:09:53 +02:00
stripe.ts
Commit iniziale
2026-05-18 15:25:38 +02:00
validate.ts
Commit iniziale
2026-05-18 15:25:38 +02:00