Dorian
0d28d28bf7
security(TASK-8): fix 8 pentest findings — C1/C3/H1/M1/M2/L2
CRITICAL:
- C1: /lnd-connect-info now requires session auth, CORS wildcard removed
- C3: DEV_MODE removed from production service file (dev override only)
HIGH:
- H1: node-message endpoint now verifies ed25519 signatures when
  provided, logs warning for unsigned messages
MEDIUM:
- M1: content.add rejects filenames containing ".." (path traversal)
- M2: NIP-07 postMessage responses use specific origin instead of '*'
LOW:
- L2: Onion validation now enforces strict v3 format (56 base32 chars
  + ".onion", exactly 62 chars, no colons)
Previously fixed: C2 (RPC creds generated per-install from secrets)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
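
The strict v3 onion check described under finding L2, written out as an added example (not code from this commit or project). It goes one step beyond the stated format by also verifying the version byte and checksum that the Tor v3 address encoding embeds in the 56 characters. The function names, the lowercase-only rule and the sample key are assumptions.

```python
import base64
import hashlib
import re

# Shape stated in the commit message: 56 base32 chars + ".onion" = 62 chars.
# Assumption: only the canonical lowercase form is accepted.
V3_SHAPE = re.compile(r"[a-z2-7]{56}\.onion")
CHECKSUM_PREFIX = b".onion checksum"  # constant from the Tor v3 address encoding
VERSION = b"\x03"


def encode_v3(pubkey: bytes) -> str:
    """Build a v3 address from 32 key bytes (used here to construct sample input)."""
    if len(pubkey) != 32:
        raise ValueError("v3 public key must be 32 bytes")
    checksum = hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + VERSION).digest()[:2]
    label = base64.b32encode(pubkey + checksum + VERSION).decode("ascii").lower()
    return label + ".onion"


def is_valid_v3_onion(host, verify_checksum: bool = True) -> bool:
    """Return True only for a bare v3 onion hostname with no port or subdomain."""
    if not isinstance(host, str) or len(host) != 62:
        return False
    # fullmatch rejects colons, port suffixes, subdomains and trailing newlines.
    if V3_SHAPE.fullmatch(host) is None:
        return False
    if not verify_checksum:
        return True
    # 56 base32 chars decode to exactly 35 bytes: key(32) + checksum(2) + version(1).
    raw = base64.b32decode(host[:56].upper())
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:35]
    if version != VERSION:
        return False
    expected = hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + VERSION).digest()[:2]
    return checksum == expected


if __name__ == "__main__":
    sample = encode_v3(bytes(range(32)))  # constructed key bytes, not a real service
    for candidate in (sample, sample + ":80", "a" * 16 + ".onion", sample.upper()):
        print(f"{candidate!r}: {is_valid_v3_onion(candidate)}")
```

A shape-only check accepts any 56 base32 characters; the checksum step additionally rejects mistyped or truncated-and-padded addresses before they reach a connection attempt.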