archy/src at a7653d4c8b146209da6c9ff9b0d71264b5fccefb - archy - Gitea: Git with a cup of tea

lfg2025/archy

History

Dorian a7653d4c8b feat: implement CSRF protection on RPC layer

Double-submit cookie pattern: backend generates csrf_token cookie on login
(non-HttpOnly so JS can read it), validates X-CSRF-Token header matches
cookie on all authenticated RPC calls. Returns 403 if missing/mismatched.
Frontend reads cookie and sends header automatically.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-11 00:46:52 +00:00

..

feat: implement CSRF protection on RPC layer

2026-03-11 00:46:52 +00:00

mid coding commit

2026-01-24 22:59:20 +00:00

fix: prevent My Apps crash when installing apps + add filebrowser to demo

2026-03-09 17:09:59 +00:00

fix: prevent My Apps crash when installing apps + add filebrowser to demo

2026-03-09 17:09:59 +00:00

fix: prevent tokio runtime deadlock in credential issue/verify

2026-03-09 07:43:12 +00:00

fix: replace path-option-card with glass-card in Settings.vue

2026-03-10 23:58:33 +00:00

fix: alpha release hardening — onboarding, security, and ISO build

2026-03-06 13:00:28 +00:00

fix: replace path-option-card with glass-card in Settings.vue

2026-03-10 23:58:33 +00:00

fix: prevent My Apps crash when installing apps + add filebrowser to demo

2026-03-09 17:09:59 +00:00

feat: complete Phase 1 foundation hardening + three-mode UI design doc

2026-03-04 05:23:42 +00:00

feat: add Network Interfaces section and WiFi scan modal to Server.vue

2026-03-11 00:35:55 +00:00

App.vue

fix: prevent My Apps crash when installing apps + add filebrowser to demo

2026-03-09 17:09:59 +00:00

main.ts

mid coding commit

2026-01-24 22:59:20 +00:00

style.css

fix: mobile onboarding viewport + filebrowser demo fixes

2026-03-09 19:32:28 +00:00