rimskij | d7f354b37d
feat: add security hardening for ReDoS, path traversal, and SSRF
- Add input-validation.ts with regex, path, and URL validation utilities
- Validate regex patterns before RegExp creation to prevent ReDoS
- Block dangerous nested quantifiers (a+)+, (a*)+, etc.
- Prevent path traversal with directory escape detection
- Block localhost, private IPs, and non-http/https protocols for SSRF
- Add SecurityOptions for configurable validation (allowPrivateIPs, etc.)
- Include 33 security tests (unit + integration)
Fixes #362
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-12 18:20:26 +01:00
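As an added example, not this commit's code and not the project's own input-validation.ts, here is one way the three validators the message describes could look in TypeScript. Everything beyond what the message states is an assumption: the function names, the 1000-character pattern limit, the `maxPatternLength` option, the single-level nested-quantifier heuristic, and the exact address ranges treated as private.

```typescript
// Added example, not the project's input-validation.ts. Names, thresholds and
// the set of blocked ranges are assumptions made for illustration.
import * as path from "path";

interface SecurityOptions {
  allowPrivateIPs?: boolean;  // option named in the commit message
  maxPatternLength?: number;  // assumed option, not from the commit
}

// --- ReDoS: validate a pattern before RegExp creation -----------------------
// Heuristic built from the commit's examples (a+)+ and (a*)+: a group whose
// content ends in a quantifier (+, * or {n,m}) that is itself quantified again.
// It inspects one level of grouping only; it is a cheap gate, not an automaton analysis.
const NESTED_QUANTIFIER = /\((?:[^()\\]|\\.)*[+*}]\)[+*{]/;

function isSafeRegexPattern(pattern: string, opts: SecurityOptions = {}): boolean {
  const max = opts.maxPatternLength ?? 1000;  // assumed default limit
  if (pattern.length === 0 || pattern.length > max) return false;
  if (NESTED_QUANTIFIER.test(pattern)) return false;
  try {
    new RegExp(pattern);  // syntax check only; the pattern is never run on input here
    return true;
  } catch {
    return false;
  }
}

// --- Path traversal: directory escape detection -----------------------------
// Resolve the user-supplied path against the base directory, then require the
// result to be the base itself or a descendant. The trailing separator stops
// "/srv/uploads-evil" from passing as a child of "/srv/uploads".
function isPathWithinBase(baseDir: string, userPath: string): boolean {
  const root = path.resolve(baseDir);
  const target = path.resolve(root, userPath);  // collapses ".." and absolute inputs
  return target === root || target.startsWith(root + path.sep);
}

// --- SSRF: scheme and destination checks ------------------------------------
const IPV4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

function isPrivateIPv4(host: string): boolean {
  const m = IPV4.exec(host);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return (
    a === 0 ||                           // 0.0.0.0/8 ("this host")
    a === 10 ||                          // 10.0.0.0/8
    a === 127 ||                         // loopback
    (a === 169 && b === 254) ||          // link-local
    (a === 172 && b >= 16 && b <= 31) || // 172.16.0.0/12
    (a === 192 && b === 168)             // 192.168.0.0/16
  );
}

function isPrivateHostname(host: string): boolean {
  const h = host.toLowerCase();
  if (h === "localhost" || h.endsWith(".localhost")) return true;
  if (h === "[::1]" || h === "[::]") return true;  // WHATWG URL keeps brackets on IPv6 hosts
  return isPrivateIPv4(h);
}

function isSafeUrl(raw: string, opts: SecurityOptions = {}): boolean {
  let url: URL;
  try {
    url = new URL(raw);  // WHATWG parsing also canonicalises decimal/octal IPv4 forms
  } catch {
    return false;
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return false;
  if (opts.allowPrivateIPs) return true;
  return !isPrivateHostname(url.hostname);
}
```

Two caveats a reviewer would raise against a hostname-only SSRF check: it says nothing about what a public name resolves to (a name that resolves to a private address, or changes answers between check and use, passes), so the resolved address must be checked again at connection time, and IPv4-mapped IPv6 hosts such as `[::ffff:7f00:1]` are not covered by the ranges above.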