### Security Features: - **Rate Limiting**: Redis-based IP tracking with configurable limits - General: 100 requests/minute (5min block) - Upload: 10 requests/5min (10min block) - Auth: 20 requests/15min (30min block) - **Request Validation**: Path length, header count, suspicious patterns - **Attack Detection**: Admin paths, script injections, bot patterns - **Enhanced JWT**: Format validation, length checks, character filtering - **IP Tracking**: X-Forwarded-For and X-Real-IP support ### Security Headers: - X-Content-Type-Options: nosniff - X-Frame-Options: DENY - X-XSS-Protection: 1; mode=block - Content-Security-Policy with strict rules - Strict-Transport-Security with includeSubDomains ### CORS Hardening: - Limited to specific domains: discours.io, new.discours.io - Restricted methods: GET, POST, OPTIONS only - Essential headers only ### Infrastructure: - Security middleware for all requests - Local cache + Redis for performance - Comprehensive logging and monitoring - Progressive blocking for repeat offenders ### Documentation: - Complete security guide (docs/security.md) - Configuration examples - Incident response procedures - Monitoring recommendations Version bump to 0.6.0 for major security enhancement.
[package]
name = "quoter"
version = "0.6.0"
edition = "2024"
[dependencies]
futures = "0.3.30"
serde_json = "1.0.143"
actix-web = "4.11.0"
actix-cors = "0.7.0"
reqwest = { version = "0.12.23", features = ["json"] }
sentry = { version = "0.42", features = ["tokio"] }
uuid = { version = "1.18.0", features = ["v4"] }
redis = { version = "0.32.5", features = ["tokio-comp"] }
tokio = { version = "1.47.1", features = ["rt-multi-thread", "macros", "fs", "net"] }
serde = { version = "1.0.219", features = ["derive"] }
sentry-actix = { version = "0.42", default-features = false }
aws-sdk-s3 = { version = "1.104.0", default-features = false, features = ["rt-tokio", "rustls"] }
image = { version = "0.25.6", default-features = false, features = ["jpeg", "png", "webp", "tiff"] }
mime_guess = "2.0.5"
aws-config = { version = "1.8.6", default-features = false, features = ["rt-tokio", "rustls"] }
actix-multipart = "0.7.2"
log = "0.4.22"
env_logger = "0.11.8"
actix = "0.13.5"
# libheif-sys = "1.12.0"
once_cell = "1.21.3"
kamadak-exif = "0.6.1"
infer = "0.19.0"
chrono = { version = "0.4", features = ["serde"] }
jsonwebtoken = "9.2.0"
base64 = "0.22.1"
[[bin]]
name = "quoter"
path = "./src/main.rs"
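Review bot: `reqwest = { version = "0.12.23", features = ["json"] }` keeps reqwest's default features, which in the 0.12 series select the native-tls backend, while `aws-sdk-s3` and `aws-config` disable defaults and pick `rustls`, so the binary most likely links two TLS stacks — two sets of advisories to track for a release described as a security hardening. If nothing else in the build relies on reqwest's other default features, `reqwest = { version = "0.12.23", default-features = false, features = ["json", "rustls-tls"] }` aligns the stacks. Version constraints are also inconsistent — most entries name a patch release while `chrono = "0.4"` and `sentry = "0.42"` do not — and the dependency keys are not sorted alphabetically as Cargo convention expects. The commented-out `# libheif-sys = "1.12.0"` and the `[[bin]]` table (Cargo discovers `src/main.rs` as the package-named binary by default) can be dropped. Which of these lines the commit actually changed is not recoverable from this view.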