ChatGPT-Next-Web/app
B0zal 605dd72354
[+] CodeQL Report Fix log injection vulnerability in useSyncStore
Severity: High
Sanitize the 'res' object before logging it in the 'check' method of useSyncStore to prevent log injection attacks.
The 'res' object is now sanitized by extracting only the necessary properties ('status', 'statusText', and 'headers') and logging the sanitized object instead.
This ensures that only safe and expected data is logged, mitigating the risk of log injection vulnerabilities.
2023-09-11 08:49:08 +07:00
api fix: #2594 trim the / 2023-08-10 10:47:06 +08:00
client feat: close #2621 use better default api url 2023-08-14 21:36:29 +08:00
components fixup 2023-09-11 00:39:56 +08:00
config feat: close #2192 use /list/models to get model ids 2023-07-04 23:16:24 +08:00
icons feat: improve dnd icon 2023-07-16 15:49:15 +08:00
locales Merge pull request #2796 from Yidadaa/backup 2023-09-11 00:27:51 +08:00
masks feat: #920 migrate id to nanoid 2023-07-09 19:37:42 +08:00
store [+] CodeQL Report Fix log injection vulnerability in useSyncStore 2023-09-11 08:49:08 +07:00
styles Update globals.scss 2023-08-18 18:18:16 +08:00
utils feat: close #2754 add import/export to file 2023-09-11 00:20:23 +08:00
command.ts feat: close #2447 pre-fill key/code/url 2023-07-20 23:17:58 +08:00
constant.ts feat: close #2752 auto re-fill unfinished input 2023-09-05 01:54:28 +08:00
global.d.ts feat: close #1994 add clipboard write api 2023-06-29 00:27:18 +08:00
layout.tsx feat: close #2618 use correct html lang attr 2023-08-14 21:55:18 +08:00
page.tsx feat: dynamic config 2023-04-11 02:54:31 +08:00
polyfill.ts fix: #397 #373 Array.prototype.at polyfill errors 2023-04-03 13:29:37 +08:00
typing.ts refactor: #1000 #1179 api layer for client-side only mode and local models 2023-05-15 01:33:46 +08:00
utils.ts feat: close #1994 add clipboard write api 2023-06-29 00:27:18 +08:00