5319bf3e4c
Security: - Add CSP headers for HTML reports (style-src 'unsafe-inline') - Restrict origin validation to specific .kappa-d8e.workers.dev domain - Add base64 size limit (100KB) for report data parameter - Implement rejection sampling for unbiased password generation - Add SQL LIKE pattern escaping for tech specs query - Add security warning for plaintext password storage (TODO: encrypt) Performance: - Add Telegram API timeout (10s) with AbortController - Fix rate limiter sorting by resetTime for proper cleanup - Use centralized TIMEOUTS config for VPS provider APIs Features: - Add admin SSH key support for server recovery access - ADMIN_SSH_PUBLIC_KEY for Linode (public key string) - ADMIN_SSH_KEY_ID_VULTR for Vultr (pre-registered key ID) - Add origin validation middleware - Add idempotency key migration Code Quality: - Return 404 status when no servers found - Consolidate error logging to single JSON.stringify call - Import TECH_CATEGORY_WEIGHTS from config.ts - Add escapeLikePattern utility function Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
549 B
549 B