DD3-LoRa-Bridge-MultiSender

C3MA/DD3-LoRa-Bridge-MultiSender

Fork 0

Commit Graph

Author	SHA1	Message	Date
acidburns	0e12b406de	Harden web UI auth, input handling, and SD path validation - Add optional Basic Auth with NVS-backed credentials and STA/AP flags; protect status, wifi, history, and download routes - Stop pre-filling WiFi/MQTT/Web UI password fields; keep stored secrets on blank and add clear-password checkboxes - Add HTML escaping + URL encoding helpers and apply to user-controlled strings; add unit test - Harden /sd/download path validation (prefix, length, dotdot, slashes) and log rejections - Enforce protocol version in LoRa receive and release GPIO14 before SD init - Update README security, SD, and GPIO sharing notes	2026-02-02 21:08:05 +01:00
acidburns	6f308ad590	Initial commit	2026-01-20 01:39:06 +01:00

Author

SHA1

Message

Date

acidburns

0e12b406de

Harden web UI auth, input handling, and SD path validation

- Add optional Basic Auth with NVS-backed credentials and STA/AP flags; protect status, wifi, history, and download routes

- Stop pre-filling WiFi/MQTT/Web UI password fields; keep stored secrets on blank and add clear-password checkboxes

- Add HTML escaping + URL encoding helpers and apply to user-controlled strings; add unit test

- Harden /sd/download path validation (prefix, length, dotdot, slashes) and log rejections

- Enforce protocol version in LoRa receive and release GPIO14 before SD init

- Update README security, SD, and GPIO sharing notes

2026-02-02 21:08:05 +01:00

acidburns

6f308ad590

Initial commit

2026-01-20 01:39:06 +01:00

2 Commits