marketing-shibata50/multica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
multica/server
History
yushen 9e23fb76fc fix(upload): harden upload flow — sanitize filenames, refresh CF cookies, deduplicate handlers 
- Sanitize Content-Disposition filenames to prevent header injection (strip control chars, quotes, semicolons)
- Add CloudFront cookie refresh middleware so cookies are re-issued when expired
- Log errors in groupAttachments instead of silently swallowing them
- Move useFileUpload hook to shared/hooks/ per project architecture conventions
- Add uploadWithToast helper to deduplicate try/catch/toast pattern across 3 components
- Refactor ApiClient.uploadFile to reuse auth headers, 401 handling, and error parsing
- Allow empty MIME types client-side (let server sniff and decide)
- Constrain Image extension max-width in rich-text-editor to prevent layout overflow

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 15:52:40 +08:00
..
cmd fix(upload): harden upload flow — sanitize filenames, refresh CF cookies, deduplicate handlers 2026-03-31 15:52:40 +08:00
internal fix(upload): harden upload flow — sanitize filenames, refresh CF cookies, deduplicate handlers 2026-03-31 15:52:40 +08:00
migrations feat(upload): add attachment table for tracking uploaded files 2026-03-31 15:29:41 +08:00
pkg feat(upload): signed URLs for CLI + eager load attachments on comments 2026-03-31 15:42:10 +08:00
go.mod fix(upload): add file type/size validation, Content-Disposition header 2026-03-31 14:55:27 +08:00
go.sum feat(upload): add file upload API with S3 + CloudFront signed cookies 2026-03-31 14:41:17 +08:00
sqlc.yaml feat: pivot to AI-native task management platform (#232) 2026-03-20 17:55:49 +08:00