tokens-reef

pham/tokens-reef

Fork 0

Commit Graph

Author	SHA1	Message	Date
User	db307b0d0f	fix(security): add SQL injection defense for CREATE DATABASE Add quoteIdentifier() function to safely quote PostgreSQL identifiers following PostgreSQL's quoting rules (wrap in double quotes, escape internal quotes by doubling). This provides defense-in-depth for the CREATE DATABASE statement, complementing the existing validateDBName() input validation. Changes: - Add quoteIdentifier() function with proper escaping - Use quoted identifier in CREATE DATABASE statement - Add comprehensive unit tests for quoteIdentifier()	2026-04-16 20:28:36 +08:00
神乐	b59c79c458	fix: 简易模式仅提升管理员默认并发到30	2026-03-07 18:19:04 +08:00
yangjianbo	e722992439	fix(setup): 数据库有用户时跳过管理员引导	2026-02-12 16:50:42 +08:00

Author

SHA1

Message

Date

User

db307b0d0f

fix(security): add SQL injection defense for CREATE DATABASE

Add quoteIdentifier() function to safely quote PostgreSQL identifiers
following PostgreSQL's quoting rules (wrap in double quotes, escape
internal quotes by doubling).

This provides defense-in-depth for the CREATE DATABASE statement,
complementing the existing validateDBName() input validation.

Changes:
- Add quoteIdentifier() function with proper escaping
- Use quoted identifier in CREATE DATABASE statement
- Add comprehensive unit tests for quoteIdentifier()

2026-04-16 20:28:36 +08:00

神乐

b59c79c458

fix: 简易模式仅提升管理员默认并发到30

2026-03-07 18:19:04 +08:00

yangjianbo

e722992439

fix(setup): 数据库有用户时跳过管理员引导

2026-02-12 16:50:42 +08:00

3 Commits