유창욱 1abb1107a2 fix: cookie-based operator auth keeps token out of URLs
Address commit security review: replace the ?token= query fallback (which
leaked the token into logs/referrers) with an HttpOnly, SameSite=Strict
session cookie minted on the first header-authenticated request, so <img>
media loads authenticate without a URL token. Use hmac.compare_digest for
constant-time comparison and add Cache-Control: no-store + Referrer-Policy:
no-referrer on untrusted biometric media. Also cover upload/import boundary
validation (400) at the HTTP layer.
2026-06-20 18:43:53 +09:00
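As an added illustration of the scheme the commit message above describes (this is example code written for this page, not the rights_filter project's own server), the following Python module implements the same flow in pure request-handling functions so it can run offline: a bearer token in the Authorization header is compared with hmac.compare_digest, the first header-authenticated request mints an HttpOnly, SameSite=Strict session cookie, later requests (such as <img> loads) authenticate with the cookie alone, any ?token= query parameter is refused, media responses carry Cache-Control: no-store and Referrer-Policy: no-referrer, and /import is boundary-checked at the HTTP layer with a 400 before the body is parsed. The token value, the handle() dispatcher, the /media/ and /import paths, the in-memory session store and the choice to answer a URL token with 400 rather than silently ignore it are all assumptions of this example.

```python
import hmac
import secrets
import time
from http import cookies
from urllib.parse import parse_qs, urlsplit

# Hypothetical operator token for the example; a real server reads it from
# the environment (.env) instead of hard-coding it.
OPERATOR_TOKEN = "op-7f3c9a1e5b2d4c8e"
SESSION_COOKIE = "operator_session"
SESSION_TTL = 3600                      # seconds
MAX_IMPORT_BYTES = 16 * 1024 * 1024     # assumed upload/import ceiling

# In-memory session store: cookie value -> monotonic expiry (single process).
_sessions: dict[str, float] = {}


def mint_session() -> str:
    """Create a random session id and record its expiry."""
    sid = secrets.token_urlsafe(32)
    _sessions[sid] = time.monotonic() + SESSION_TTL
    return sid


def session_valid(sid: str) -> bool:
    """True if sid is a live session; expired entries are dropped on sight."""
    expiry = _sessions.get(sid)
    if expiry is None:
        return False
    if time.monotonic() > expiry:
        del _sessions[sid]
        return False
    return True


def header_token_ok(headers: dict) -> bool:
    """Constant-time check of 'Authorization: Bearer <token>'."""
    auth = headers.get("Authorization", "")
    prefix = "Bearer "
    if not auth.startswith(prefix):
        return False
    # compare_digest returns False (no exception) on length mismatch.
    return hmac.compare_digest(auth[len(prefix):].encode(), OPERATOR_TOKEN.encode())


def cookie_session(headers: dict):
    """Return the session id carried in the Cookie header, or None."""
    try:
        jar = cookies.SimpleCookie(headers.get("Cookie", ""))
    except cookies.CookieError:
        return None
    morsel = jar.get(SESSION_COOKIE)
    return morsel.value if morsel is not None else None


def set_cookie_value(sid: str) -> str:
    # HttpOnly keeps the id away from script; SameSite=Strict stops cross-site
    # sends; add "Secure" once the server is behind TLS.
    return (f"{SESSION_COOKIE}={sid}; HttpOnly; SameSite=Strict; "
            f"Path=/; Max-Age={SESSION_TTL}")


def handle(method: str, target: str, headers: dict, body: bytes = b""):
    """Dispatch one request; returns (status, response_headers, body)."""
    parts = urlsplit(target)
    # A token in the URL would land in access logs and Referer headers, so the
    # example refuses it outright instead of quietly ignoring it.
    if "token" in parse_qs(parts.query, keep_blank_values=True):
        return 400, {"Cache-Control": "no-store"}, b"token must not be sent in the URL"

    resp = {"Cache-Control": "no-store", "Referrer-Policy": "no-referrer"}

    sid = cookie_session(headers)
    if sid is not None and session_valid(sid):
        pass                                   # cookie session, e.g. an <img> load
    elif header_token_ok(headers):
        # First header-authenticated request: mint the session cookie.
        resp["Set-Cookie"] = set_cookie_value(mint_session())
    else:
        return 401, {"Cache-Control": "no-store", "WWW-Authenticate": "Bearer"}, b"unauthorized"

    if method == "POST" and parts.path == "/import":
        # Boundary validation at the HTTP layer: size and type before any parsing.
        length = headers.get("Content-Length", "")
        if not length.isdigit() or int(length) > MAX_IMPORT_BYTES:
            return 400, resp, b"missing, malformed or oversized Content-Length"
        if headers.get("Content-Type", "").split(";")[0].strip() != "application/json":
            return 400, resp, b"Content-Type must be application/json"
        if int(length) != len(body):
            return 400, resp, b"Content-Length does not match body"
        return 200, resp, b"imported"

    if method == "GET" and parts.path.startswith("/media/"):
        # Untrusted biometric media: never cached, never leaks a referrer, never sniffed.
        resp["Content-Type"] = "application/octet-stream"
        resp["X-Content-Type-Options"] = "nosniff"
        return 200, resp, b"<constructed media bytes>"

    return 200, resp, b"ok"


if __name__ == "__main__":
    status, hdrs, _ = handle("GET", "/media/face.jpg",
                             {"Authorization": "Bearer " + OPERATOR_TOKEN})
    print(status, hdrs.get("Set-Cookie"))
```

Header names are matched case-sensitively here for brevity; a real handler normalises them first. The session store lives in process memory, so a restart logs every operator out, which is acceptable for a single-operator workbench but would need an external store if the server were ever scaled out.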
docs chore: pin runtime dependencies for offline air-gapped install 2026-06-20 18:19:08 +09:00
src/rights_filter fix: cookie-based operator auth keeps token out of URLs 2026-06-20 18:43:53 +09:00
tests fix: cookie-based operator auth keeps token out of URLs 2026-06-20 18:43:53 +09:00
web/operator-gui fix: resolve multi-agent review findings for workbench efficiency round 2026-06-12 18:44:35 +09:00
.env.example fix: harden operator HTTP server 2026-06-20 18:18:54 +09:00
.gitignore chore: pin runtime dependencies for offline air-gapped install 2026-06-20 18:19:08 +09:00
package.json chore: initial commit of copyrighter (rights_filter) 2026-06-09 09:50:31 +09:00
requirements-dev.txt chore: pin runtime dependencies for offline air-gapped install 2026-06-20 18:19:08 +09:00
requirements.txt chore: pin runtime dependencies for offline air-gapped install 2026-06-20 18:19:08 +09:00
run_copyrighter_server.py chore: initial commit of copyrighter (rights_filter) 2026-06-09 09:50:31 +09:00