video-accessibility/backend/app/middleware
Vadym Samoilenko f22d568fc5 fix(security): fix false-positive injection blocks on French/multilingual VTT content
- Remove ';' from command-injection pattern — semicolons are common in French
  and other European languages, not a shell injection risk in JSON context
- Skip security pattern scanning for free-text fields (captions_vtt,
  audio_description_vtt, notes, etc.) — natural language always generates
  false positives against injection regexes
- Add GET/HEAD to GCS CORS config so browsers can load signed VTT URLs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-13 19:11:01 +01:00
__init__.py chore: push all session changes — backend hardening, tests, apache config, deploy scripts 2026-04-30 15:52:14 +01:00
rate_limiting.py chore(lint): fix all ruff errors — 0 warnings remaining 2026-05-13 17:13:08 +01:00
validation.py fix(security): fix false-positive injection blocks on French/multilingual VTT content 2026-05-13 19:11:01 +01:00