Logo
Explore Help
Register Sign In
carrot_bbs/backend
4
0
Fork 0
You've already forked backend
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5f1b8bb4511758ad37318b808e10944a30558469
backend/internal/pkg/utils/like.go

11 lines
159 B
Go
Raw Normal View History

feat: enhance security with IP banning, ownership checks, and SSRF protection Add comprehensive security improvements across the application: - **IP-based login protection**: Implement IP ban system tracking login failures, auto-banning after threshold exceeded - **Ownership verification**: Add userID parameter to Delete/Update operations for posts and comments to prevent unauthorized modifications - **SSRF protection**: Add URL and resolved host validation for image URLs in chat and OpenAI client - **SQL injection prevention**: Add EscapeLikeWildcard utility to escape special characters in LIKE queries - **HTTP security**: Configure server timeouts and add security headers middleware - **Rate limiting**: Refactor to support configurable duration and per-endpoint rate limits for auth routes - **Error handling**: Standardize error responses using HandleError and proper error types
2026-04-30 12:26:25 +08:00
package utils
import "strings"
func EscapeLikeWildcard(s string) string {
return strings.NewReplacer(
`\`, `\\`,
"%", `\%`,
"_", `\_`,
).Replace(s)
}
Reference in New Issue Copy Permalink
Powered by Gitea Version: 25.6.2 Page: 24ms Template: 2ms
English
Bahasa Indonesia Deutsch English Español Français Gaeilge Italiano Latviešu Magyar nyelv Nederlands Polski Português de Portugal Português do Brasil Suomi Svenska Türkçe Čeština Ελληνικά Български Русский Українська فارسی മലയാളം 日本語 简体中文 繁體中文(台灣) 繁體中文(香港) 한국어
Licenses API