jeffemmett
/
rspace-online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
rspace-online/modules
History
Jeff Emmett bc810d34e4 fix(security): low-severity hardening and security headers 
- L-1: Remove internal error details from SIWE verify response
- L-2: Stop forwarding raw Safe API error bodies to clients (log server-side)
- L-3: Evict stale keys from nonce rate limiter to prevent memory leak
- L-4: Add input length/type guards on wallet-link verify body fields
- L-5: Sanitize and cap limit query param on Safe transfers route (max 200)
- L-6: Server recomputes addressHash from SIWE address instead of trusting
  client-supplied value for dedup
- L-7: Reset LinkedWalletStore singleton on logout to clear cached keys
- I-1: Add X-Content-Type-Options, X-Frame-Options, Referrer-Policy headers
- I-9: Build EIP712Domain type array dynamically from domain fields in
  ExternalSigner.signTypedData (was hardcoded to empty, dropping fields)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 		2026-03-09 18:06:07 -07:00
..
rbooks feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rcal feat(rcal): add swipe/pan navigation and pinch-to-zoom gestures 2026-03-09 15:12:47 -07:00
rcart feat: wire offline-first Automerge sync to all 13 rSpace modules 2026-03-04 19:07:59 -08:00
rchoices feat: workflow template, choice components, space settings, EncryptID vault, UI polish 2026-03-03 13:15:13 -08:00
rdata feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rdesign feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rdocs feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rfiles feat: wire offline-first Automerge sync to all 13 rSpace modules 2026-03-04 19:07:59 -08:00
rflows feat(rcal): add swipe/pan navigation and pinch-to-zoom gestures 2026-03-09 15:12:47 -07:00
rforum feat: wire offline-first Automerge sync to all 13 rSpace modules 2026-03-04 19:07:59 -08:00
rinbox feat: wire offline-first Automerge sync to all 13 rSpace modules 2026-03-04 19:07:59 -08:00
rmaps feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rnetwork feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rnotes fix(rnotes): remove premature seed from onInit (runs before loadAllDocs) 2026-03-09 15:16:19 -07:00
rphotos feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rpubs feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rschedule feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rsocials feat(rcal): add swipe/pan navigation and pinch-to-zoom gestures 2026-03-09 15:12:47 -07:00
rspace fix: layer flows drag-to-connect, notification 401 spam, /api/meta 404 2026-03-04 11:12:19 -08:00
rsplat feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rswag feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rtrips feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rtube feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00
rvote feat: wire offline-first Automerge sync to all 13 rSpace modules 2026-03-04 19:07:59 -08:00
rwallet fix(security): low-severity hardening and security headers 2026-03-09 18:06:07 -07:00
rwork feat: scope system, cross-space navigation, and spaces-as-layers 2026-03-09 06:33:32 +00:00