archy/docs at dfb81c0348bdd1ba81f19fce313cfd0d06a9a747 - archy - Gitea: Git with a cup of tea

lfg2025/archy

History

Dorian d7c9f4917a docs: add security audit report for new features (Task 22)

Audited cloud file upload, AIUI iframe, context broker, FileBrowser
proxy, and RPC endpoints. Key findings:
- XSS: safe (Vue template escaping)
- Context broker: properly validates origins
- FileBrowser: medium risk path traversal (client-side), token in URLs
- CSRF: high risk (no tokens, but mitigated by JSON content type)
- Nginx: missing security headers

Full report: docs/security-audit-2026-03-05.md

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-05 08:49:22 +00:00

..

app-manifest-spec.md

Initial commit

2026-01-24 22:01:51 +00:00

architecture.md

Update .gitignore and remove obsolete documentation files

2026-02-01 02:22:02 +00:00

BETA-RELEASE-CHECKLIST.md

Revise BUILD-GUIDE and enhance ISO build process

2026-02-03 21:43:33 +00:00

BITCOIN-KNOTS-BETA.md

Revise BUILD-GUIDE and enhance ISO build process

2026-02-03 21:43:33 +00:00

building-os-images.md

Update .gitignore and remove obsolete documentation files

2026-02-01 02:22:02 +00:00

current-state.md

mid coding commit

2026-01-24 22:59:20 +00:00

development-containers.md

mid coding commit

2026-01-24 22:59:20 +00:00

development-setup.md

mid coding commit

2026-01-24 22:59:20 +00:00

DID_ONBOARDING_ASSESSMENT.md

Implement onboarding reset functionality and enhance backup features

2026-03-02 08:34:13 +00:00

PACKAGE-INSTALLATION-SECURITY.md

Enhance README and RPC for package management

2026-02-01 18:46:35 +00:00

security-audit-2026-03-05.md

docs: add security audit report for new features (Task 22)

2026-03-05 08:49:22 +00:00

SECURITY-NOSTR-DISCOVERY.md

Update Fedimint configuration and enhance onboarding process

2026-02-17 15:03:34 +00:00

TAILSCALE-INTEGRATION.md

Enhance README and RPC for package management

2026-02-01 18:46:35 +00:00

three-mode-ui-design.md

feat: complete Phase 1 foundation hardening + three-mode UI design doc

2026-03-04 05:23:42 +00:00

USER-GUIDE-TAILSCALE.md

Enhance README and RPC for package management

2026-02-01 18:46:35 +00:00

WEB5_NOSTR_IDENTITY.md

Update Fedimint configuration and enhance onboarding process

2026-02-17 15:03:34 +00:00