C3MA/DD3-LoRa-Bridge-MultiSender
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
108 Commits 3 Branches 0 Tags
6acb5880690909032dbfda2323f9080c1d3b8135
Commit Graph

4 Commits

Author SHA1 Message Date
acidburns
6acb588069 refactor: move html_util into legacy core library 2026-02-20 21:17:48 +01:00
acidburns
2cfdc719c2 test: expand legacy html_util coverage 2026-02-20 21:13:48 +01:00
acidburns
4ff5fd1d55 Harden history device ID validation and SD download filename 2026-02-13 23:56:36 +01:00
acidburns
bfcb2463c3 Harden web UI auth, input handling, and SD path validation 
- Add optional Basic Auth with NVS-backed credentials and STA/AP flags; protect status, wifi, history, and download routes

- Stop pre-filling WiFi/MQTT/Web UI password fields; keep stored secrets on blank and add clear-password checkboxes

- Add HTML escaping + URL encoding helpers and apply to user-controlled strings; add unit test

- Harden /sd/download path validation (prefix, length, dotdot, slashes) and log rejections

- Enforce protocol version in LoRa receive and release GPIO14 before SD init

- Update README security, SD, and GPIO sharing notes
 2026-02-13 23:56:36 +01:00