ba888bb580
All checks were successful
Build & Deploy to Staging / Build & Deploy to Staging (push) Successful in 10m4s
- Block IPv4-mapped IPv6 addresses (::ffff:127.0.0.1, etc.)
- Block IPv6 unspecified address (::)
- Add CSS injection sanitization for hideSelectors (no {}<>;)
- Add waitForSelector validation (max 200 chars, no javascript:/script)
- Add CSS parameter hardening (block @import, url() with non-data: schemes)
- Add 21 new security tests following TDD approach
- All 387 tests passing
Fixes potential SSRF bypasses and CSS injection vulnerabilities
|
||
|---|---|---|
| .. | ||
| __tests__ | ||
| browser.ts | ||
| cache.ts | ||
| db.ts | ||
| keys.ts | ||
| logger.ts | ||
| screenshot.ts | ||
| ssrf.ts | ||
| watermark.ts | ||