DAW/furt
2
0
Fork 0
Code Issues 11 Pull requests Projects Releases 3 Packages 1 Wiki Activity Actions

security: sanitize internal infrastructure details from open source package

Browse source 
- Remove production_test_sequence.sh (DAW-specific production tests)
- Remove setup_env.sh (obsolete .env setup, replaced by furt.conf)
- Sanitize test scripts: replace dragons-at-work.de with example.com
- Sanitize API keys: replace dev keys with placeholder values
- Remove hardcoded DAW fallbacks from http_server.lua and smtp.lua
- Update .gitignore to exclude production-specific test files

Tests remain functional for developers with example domains.
All internal DAW infrastructure details removed from package.

Closes #101
This commit is contained in:
michael 2025-09-07 21:25:25 +02:00
parent baa2490bbe
commit 08b49d3d75
11 changed files with 77 additions and 259 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/http_server.lua
View file

@ -91,9 +91,7 @@ end
function FurtServer:add_cors_headers(request)
local allowed_origins = config.cors and config.cors.allowed_origins or {
"http://localhost:1313",
"http://127.0.0.1:1313",
"https://dragons-at-work.de",
"https://www.dragons-at-work.de"
"http://127.0.0.1:1313"
}
-- Check if request has Origin header