core/php-admin
8
0
Fork 0
Code Issues 12 Pull requests Projects Releases Packages Wiki Activity Actions

security: validate JSON metadata fields to prevent mass assignment #22

Merged
Charon merged 1 commit from security/validate-json-metadata into main 2026-02-21 01:26:04 +00:00
Conversation 1 Commits 1 Files changed 4 +421 -2

1 commit

Author SHA1 Message Date
Clotho
8922683bcf
security: validate JSON metadata fields to prevent mass assignment
Some checks failed
CI / PHP 8.2 (pull_request) Failing after 1s
Details
CI / PHP 8.3 (pull_request) Failing after 1s
Details
CI / PHP 8.4 (pull_request) Failing after 1s
Details
CI / Assets (pull_request) Failing after 1s
Details 
Add mutators to Service and HoneypotHit models that enforce size and
structure limits on JSON fields (metadata, headers). Service.setMeta()
now validates key format. TeapotController pre-filters header count
before passing to the model.

Fixes #14

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-21 01:25:47 +00:00