xpltdco/media-rip
1
0
Fork 0
mirror of https://github.com/xpltdco/media-rip.git synced 2026-04-03 02:53:58 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions
media-rip/backend/app
History
Exact
xpltd cbaec9ad36 R020: Zero outbound telemetry — CSP + security headers 
Verified: no external URLs in frontend (no CDN fonts, no analytics,
no Google Fonts, no external scripts). All fonts use system fallback
chains (JetBrains Mono → Cascadia Code → Fira Code → monospace).
No outbound HTTP calls in backend code.

Added SecurityHeadersMiddleware enforcing:
- Content-Security-Policy: default-src 'self', script/font/connect
  restricted to 'self', style allows 'unsafe-inline' for Vue scoped
  styles, img allows data: URIs, object-src 'none', frame-ancestors
  'none'
- X-Content-Type-Options: nosniff
- X-Frame-Options: DENY
- Referrer-Policy: no-referrer

These headers prevent any accidental introduction of external
resources in future development — CSP violations will block them.
2026-03-19 06:53:08 -05:00
..
core Error log: failed download diagnostics for admin 2026-03-19 06:34:08 -05:00
middleware M001: media.rip() v1.0 — complete application 2026-03-18 20:00:17 -05:00
models Fix playlist support, session persistence, audio detection, progress errors 2026-03-19 02:53:45 -05:00
routers Error log: failed download diagnostics for admin 2026-03-19 06:34:08 -05:00
services Error log: failed download diagnostics for admin 2026-03-19 06:34:08 -05:00
__init__.py M001: media.rip() v1.0 — complete application 2026-03-18 20:00:17 -05:00
dependencies.py M001: media.rip() v1.0 — complete application 2026-03-18 20:00:17 -05:00
main.py R020: Zero outbound telemetry — CSP + security headers 2026-03-19 06:53:08 -05:00