alteropen/streamyfin
1
0
Fork 0
mirror of https://github.com/streamyfin/streamyfin.git synced 2026-01-18 00:58:03 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
Files
codeql-fix
streamyfin/hooks
History
Uruk 2c0ed076d5 fix(security): prevent log injection in WebSocket message logging 
Sanitize WebSocket messages before logging to prevent log injection attacks.
User-controlled data from WebSocket messages could contain newline characters
that allow forging fake log entries.

Changes:
- Convert message object to JSON string and remove newlines/carriage returns
- Use format specifier (%s) for safe string interpolation
- Applied fix to providers/WebSocketProvider.tsx and hooks/useWebsockets.ts

Resolves CodeQL security alert js/log-injection

Co-authored-by: GitHub Copilot Autofix <noreply@github.com>
2025-11-07 22:35:53 +01:00
..
useControlsVisibility.ts
fix: bump biome and fix error (#864)
2025-07-21 09:44:24 +02:00
useCreditSkipper.ts
chore: update dependencies and refactor config plugin imports (#993)
2025-08-29 22:06:50 +02:00
useDefaultPlaySettings.ts
feat: replace content item dropdowns with sheets (#968)
2025-08-21 17:19:53 +02:00
useDownloadedFileOpener.ts
refactor: Feature/offline mode rework (#859)
2025-08-15 21:34:22 +02:00
useFavorite.ts
fix: bump biome and fix error (#864)
2025-07-21 09:44:24 +02:00
useHaptic.ts
fix: Jellyseerr discovery crash (#1032)
2025-09-03 21:41:35 +02:00
useImageColors.ts
fix: tv playback (#820)
2025-08-07 10:12:40 +02:00
useImageColorsReturn.ts
feat: new large carousel (#1098)
2025-09-29 11:32:34 +02:00
useImageStorage.ts
fix: bump biome and fix error (#864)
2025-07-21 09:44:24 +02:00
useInterval.ts
fix(typescript): resolve 44 TypeScript errors in core components (#1004)
2025-08-31 16:56:53 +02:00
useIntroSkipper.ts
chore: update dependencies and refactor config plugin imports (#993)
2025-08-29 22:06:50 +02:00
useItemQuery.ts
refactor: Feature/offline mode rework (#859)
2025-08-15 21:34:22 +02:00
useJellyfinDiscovery.tsx
fix(typescript): resolve 44 TypeScript errors in core components (#1004)
2025-08-31 16:56:53 +02:00
useJellyseerr.ts
fix: resolve type issues and improve component reliability (#1078)
2025-09-25 22:47:49 +02:00
useMarkAsPlayed.ts
refactor: Feature/offline mode rework (#859)
2025-08-15 21:34:22 +02:00
useNetworkStatus.ts
fix: add better offline messages and checks (#1051)
2025-09-19 16:47:58 +02:00
useOrientation.ts
fix: bump biome and fix error (#864)
2025-07-21 09:44:24 +02:00
usePlaybackManager.ts
feat: fix playback reporting (#1077)
2025-09-22 12:11:14 +02:00
useRevalidatePlaybackProgressCache.ts
refactor: Feature/offline mode rework (#859)
2025-08-15 21:34:22 +02:00
useSessions.ts
fix: bump biome and fix error (#864)
2025-07-21 09:44:24 +02:00
useTrickplay.ts
chore: update dependencies and refactor config plugin imports (#993)
2025-08-29 22:06:50 +02:00
useTwoWaySync.ts
fix: offline checking (#989)
2025-09-03 12:26:56 +02:00
useWebsockets.ts
fix(security): prevent log injection in WebSocket message logging
2025-11-07 22:35:53 +01:00