Alexander Holliday
d890b972be
Merge pull request #2762 from bluewave-labs/security/apply-input-sanitization
Apply Input Sanitization for XSS Protection
2025-08-11 14:53:32 -07:00
gorkem-bwl
88b68a9df0
fix: apply prettier formatting to app.js
Fixed formatting issues to pass CI/CD checks
2025-08-11 17:39:08 -04:00
gorkem-bwl
8b322a0ec0
feat: apply input sanitization to prevent XSS attacks
Enables comprehensive XSS protection by applying sanitization middleware
to all incoming requests. Uses the sanitization utilities added in previous PR.
Changes:
- Added sanitizeBody() and sanitizeQuery() middleware after express.json()
- Enhanced Content Security Policy headers for additional XSS protection
- Added 'object-src: none' and 'base-uri: self' directives
- All user inputs now automatically sanitized before processing
Security improvements:
- Prevents stored XSS attacks through HTML sanitization
- Recursive sanitization handles nested objects and arrays
- Maintains backward compatibility with existing functionality
- Strengthened CSP headers block unsafe content injection
Files changed: src/app.js (9 lines added)
Risk level: Medium (global middleware application)
2025-08-11 17:33:05 -04:00
gorkem-bwl
7968ed8a19
fix: apply prettier formatting to sanitization.js
Fixed formatting issues identified by CI/CD system
2025-08-11 17:26:28 -04:00
gorkem-bwl
2fba22d0f6
feat: add input sanitization infrastructure
Adds foundational utilities for XSS prevention without applying them yet.
This prepares the codebase for comprehensive input sanitization in a follow-up PR.
Changes:
- Added isomorphic-dompurify and jsdom dependencies
- Created sanitization utilities in src/utils/sanitization.js
- Includes recursive object sanitization functions
- Provides Express middleware for body and query sanitization
Infrastructure only - no behavioral changes yet.
Files added:
- src/utils/sanitization.js (sanitization utilities)
- package.json (new dependencies)
Next steps:
- Apply sanitization middleware in follow-up PR
- Enable XSS protection across application
2025-08-11 17:23:14 -04:00
Alexander Holliday
17cac37967
Merge pull request #2736 from burak28/feat/add-game-server-support
Feat/add game server support
2025-08-08 15:11:06 -07:00
Burak Arslan
b7e7028b6f
Fix error handling and method assignment in requestGame function
2025-08-08 23:59:41 +03:00
Burak Arslan
4c2c452b91
Improve validation and error handling on form field
2025-08-06 00:53:35 +03:00
ThetaOI
02b7dc080b
Merge branch 'bluewave-labs:develop' into Network-tab-implementation-infra
2025-08-05 19:49:38 +05:30
Owaise
d4e8381827
Renamed them as average values in the table.
2025-08-05 19:43:35 +05:30
mohadeseh safari
45352b62e1
feat(status-page): add customCSS field to StatusPage model
2025-08-03 18:51:12 -04:00
Burak Arslan
0ea3379397
Merge branch 'feat/add-game-server-support' of https://github.com/burak28/Checkmate into feat/add-game-server-support
2025-08-03 13:20:02 +03:00
Burak Arslan
281cbbc30f
feat: add game server monitoring support
- Added a new `/games` route in `monitorRoute.js` to fetch all supported games.
- Implemented `getAllGames` method in `monitorController.js` using the `gamedig` library.
- Introduced `useFetchMonitorGames` hook in `monitorHooks.js` to fetch game data in the frontend.
- Updated `UptimeCreate` page to support game server monitoring:
- Added a new monitor type `"game"`.
- Dynamically fetches and displays game options using the new `/games` API.
- Removed hardcoded `GAMES` object and replaced it with dynamic fetching from the backend.
- Updated `NetworkService.js` with a new `getMonitorGames` method for API calls.
This update introduces game server monitoring functionality, allowing users to monitor game servers dynamically.
2025-08-03 13:19:55 +03:00
owiaseimdad
950c5fdc92
Formatting done.
2025-08-02 12:42:35 +05:30
allanmaaz
114572024c
Removed the required true from network db.
2025-08-02 12:34:31 +05:30
Burak Arslan
8503b7ece4
Merge branch 'develop' into feat/add-game-server-support
2025-08-02 02:28:53 +03:00
Burak Arslan
b53650a50f
Run npm run format
2025-08-02 02:25:58 +03:00
Burak Arslan
9ad3b58fcd
Added game server support
2025-08-02 02:04:06 +03:00
Alex Holliday
a86e9ff480
fix references
2025-07-31 13:24:32 -07:00
Alex Holliday
0779e5ea15
remove commented out imports
2025-07-31 12:02:52 -07:00
Alex Holliday
ce49270cf8
remove unused diagnostic db module
2025-07-31 12:00:27 -07:00
Alex Holliday
7a190f7c69
module -> class
2025-07-31 11:57:55 -07:00
Alexander Holliday
7d5302cfcf
Merge pull request #2707 from singh-kanwarpreet/feature/global-thresholds
Feature/global thresholds
2025-07-31 09:31:14 -07:00
Alex Holliday
927e8a88b8
remove console log
2025-07-31 09:18:12 -07:00
Alex Holliday
54d3392cf1
remove commented out imports
2025-07-30 15:35:16 -07:00
Alex Holliday
48cf8a5e73
module -> class
2025-07-30 15:34:03 -07:00
Alex Holliday
b5f4c04165
module->class
2025-07-30 15:21:22 -07:00
Alex Holliday
7bf96f6194
module -> class
2025-07-30 15:14:36 -07:00
Alex Holliday
16ebe4b1ab
module -> class
2025-07-30 15:06:19 -07:00
Alex Holliday
de742068a7
module -> class
2025-07-30 12:25:12 -07:00
Alex Holliday
585fb4f700
module -> class
2025-07-30 11:36:19 -07:00
Alex Holliday
00f5eaf44d
module -> class
2025-07-30 11:27:29 -07:00
Alex Holliday
8adad64248
refactor module into class
2025-07-30 10:41:53 -07:00
Alex Holliday
753a904c94
refactor status page module into class
2025-07-30 10:20:33 -07:00
Alex Holliday
78a5b2e666
fix crypto dependency
2025-07-30 09:18:16 -07:00
Alex Holliday
ca02ed9d18
refactor invite module into class
2025-07-29 19:53:11 -07:00
Alex Holliday
e55d8618bd
convert checkModule to class for dependency injection
2025-07-29 11:51:06 -07:00
Alex Holliday
e63faebcb8
replace missing secrets
2025-07-29 10:08:45 -07:00
Alex Holliday
10c822c5d9
add legacy logger
2025-07-29 10:01:20 -07:00
singh-kanwarpreet
dbea93f9ba
Improved Code Quality
2025-07-29 21:35:30 +05:30
singh-kanwarpreet
bf5d7f3c53
Adding Global Threshold Settings
2025-07-29 16:05:53 +05:30
Alex Holliday
6e49e19ba1
refactor serviceRegistry
2025-07-28 15:25:33 -07:00
Alex Holliday
de80a530e5
refactor logger
2025-07-28 15:03:28 -07:00
Alex Holliday
f3e50120ee
appSettings -> envSettings
2025-07-28 14:37:18 -07:00
Alex Holliday
6025323c4b
less aggressive auth rate limiting
2025-07-28 13:48:09 -07:00
Owaise Imdad
ab0bf5ca5f
Fixed the names and err out and err in.
2025-07-29 00:42:55 +05:30
Owaise Imdad
158b66e43b
Merge branch 'develop' of https://github.com/Owaiseimdad/Checkmate into Network-tab-implementation-infra
2025-07-29 00:30:46 +05:30
Alex Holliday
ec99b5e9b4
add rate limiting
2025-07-28 12:00:09 -07:00
Alex Holliday
ab8868e6c4
add a field to the monitor for status page queries
2025-07-28 11:35:49 -07:00
Alex Holliday
e5e02b553a
fix dependencies
2025-07-27 19:51:39 -07:00