Gandalf/sofarr
1
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects Releases 15 Wiki Activity
Files
8fa20c699039d185e6625619db5a77e39a66c753
sofarr/server
History
Gronod 8fa20c6990 fix(security #10): sanitize error details to prevent API key leakage 
Added server/utils/sanitizeError.js which redacts:
- ?apikey= query parameters (SABnzbd passes key in URL)
- ?token= query parameters
- X-Api-Key / X-MediaBrowser-Token / X-Emby-Authorization header
  values if they appear in the error message string

Applied to all catch blocks in emby.js, sabnzbd.js, sonarr.js,
radarr.js, and dashboard.js. Internal error.message still logged
server-side (unredacted) for debugging.
2026-05-16 16:22:11 +01:00
..
middleware
fix(security #7,#8,#9): signed cookies, isAdmin tamper-proof, schema validation
2026-05-16 16:20:37 +01:00
routes
fix(security #10): sanitize error details to prevent API key leakage
2026-05-16 16:22:11 +01:00
utils
fix(security #10): sanitize error details to prevent API key leakage
2026-05-16 16:22:11 +01:00
index.js
fix(security #7,#8,#9): signed cookies, isAdmin tamper-proof, schema validation
2026-05-16 16:20:37 +01:00