Viet Tran
ce333c70f3
fix(security): followup hardening — ILIKE ESCAPE, allowlist logging, shell deny, tests (#251)

- Add explicit ESCAPE '\' clause to all ILIKE queries (knowledge_graph,
  custom_tools, channel_instances, channel_contacts) for correct wildcard
  escaping regardless of PostgreSQL standard_conforming_strings setting
- Log warning when filterAllowedKeys drops unknown fields for debuggability
- Widen base64 decode shell deny pattern to catch -di, -dw0 variants
- Add unit tests for filterAllowedKeys, pqStringArray, scanStringArray,
  pqStringArray↔scanStringArray roundtrip, limitedBuffer, base64 deny
2026-03-18 07:48:48 +07:00