security: LOW findings + fix .gitignore overmatch
- Swagger UI restricted to localhost only - Message content length limit (4000 chars max) on create + update - Bot/server/webhook ownership checks return 404 instead of 403 (prevents resource ID enumeration) - Fix .gitignore: /server instead of server to stop ignoring internal/server/ directory
This commit is contained in:
+3
-3
@@ -37,6 +37,6 @@ Thumbs.db
|
||||
postgres_data/
|
||||
valkey_data/
|
||||
minio_data/
|
||||
server
|
||||
migrate
|
||||
dumpster-server
|
||||
/server
|
||||
/migrate
|
||||
/dumpster-server
|
||||
|
||||
Reference in New Issue
Block a user