mirror of
https://github.com/abort-retry-ignore/joplock.git
synced 2026-05-22 11:38:29 +00:00
512824693c
Some checks failed
Build and push Joplock image / build-and-push (push) Has been cancelled
- add app/proxy/vaultProxyGuard.js: inspects proxied note writes and deletes before forwarding to upstream Joplin Server - covers single PUT /api/items/root:/<id>.md:/content, batch PUT /api/batch_items, single DELETE, and batch DELETE - rejects with 403 when a vault note body lacks the encrypted marker, or when a vault note is deleted via the sync proxy - bodies over 10 MB stream through without inspection (resource blobs) - unauthenticated requests stream through (upstream handles 401) - wire guard into createServer.js proxy entry point; replay buffered body via Readable.from() on allow - 34 new unit tests, all 394 tests passing |
||
|---|---|---|
| .. | ||
| auth | ||
| items | ||
| proxy | ||
| routes | ||
| templates | ||
| adminService.js | ||
| backupService.js | ||
| createServer.js | ||
| env.js | ||
| historyService.js | ||
| markdownRenderer.js | ||
| recoveryService.js | ||
| settingsService.js | ||
| templates.js | ||
| vaultService.js | ||