Fix: CSP connect-src for jsdelivr + better create author error display 6d85d9d AuthorBot commited on 15 days ago
Fix: CSP expanded to allow Google Fonts and jsdelivr CDN used by admin SPA 5ae645d AuthorBot commited on 15 days ago
Production hardening: JWT blacklist, TOTP, Pydantic schemas, Prometheus, SSRF fix, CSP, Redis auth, Celery backup — 35 items across P0-P5 131d826 AuthorBot commited on 16 days ago
Fix auth session expiry with shared auto-refresh client for admin panels. e70f2c6 AuthorBot commited on 21 days ago
Fix SecurityHeadersMiddleware: rewrite as pure ASGI to avoid BaseHTTPMiddleware request body consumption bug 660ca76 AuthorBot commited on 22 days ago
Phase 4+5: Fix rate limiter paths (/api/v1 -> /api/chat|auth|admin), add SecurityHeadersMiddleware (HSTS, XSS, CSRF, CSP), fix QA export auth, fix route ordering 41f0eee AuthorBot commited on 22 days ago