Harden security, modularize API bootstrap, and fix scale SSE auth.
Block web access to sensitive paths, require API_TOKEN for mutations, encrypt GitHub issue credentials in .env, auto-provision tokens for same-origin clients, and pass api_token in scale relay URLs since EventSource cannot send headers. Co-authored-by: Cursor <cursoragent@cursor.com>
+16
-2
@@ -416,7 +416,16 @@
|
||||
"load_error": "Fehler beim Laden",
|
||||
"favorite": "Zu Favoriten hinzufügen",
|
||||
"unfavorite": "Aus Favoriten entfernen",
|
||||
"adjust_persons": "Personen"
|
||||
"adjust_persons": "Personen",
|
||||
"nutrition_title": "Nährwerte (pro Portion)",
|
||||
"nutrition_kcal": "Kalorien",
|
||||
"nutrition_protein": "Protein",
|
||||
"nutrition_carbs": "Kohlenhydrate",
|
||||
"nutrition_fat": "Fett",
|
||||
"nutrition_per_serving": "Geschätzte Werte pro Portion",
|
||||
"storage_title": "Aufbewahrung von Resten",
|
||||
"storage_days": "{n} Tage",
|
||||
"storage_immediately": "Am besten sofort verzehren"
|
||||
},
|
||||
"shopping": {
|
||||
"title": "🛒 Einkaufsliste",
|
||||
@@ -1467,7 +1476,12 @@
|
||||
"error_network_detail": "Der Browser kann den PHP-Server nicht erreichen.\n\nMögliche Ursachen:\n• Apache/PHP-Server läuft nicht\n• Netzwerk- oder Firewall-Problem\n• Falsche App-URL\n\nBitte Server starten und erneut versuchen.",
|
||||
"retry": "Erneut versuchen",
|
||||
"syncing_local": "Lokale Daten synchronisieren...",
|
||||
"sync_done": "Lokale Daten aktualisiert"
|
||||
"sync_done": "Lokale Daten aktualisiert",
|
||||
"token_required": "API-Token erforderlich",
|
||||
"token_autoconfig": "Zugriff wird konfiguriert...",
|
||||
"token_prompt_title": "🔒 API-Token",
|
||||
"token_prompt_hint": "Geben Sie den API_TOKEN-Wert aus der .env-Datei des Servers ein.",
|
||||
"token_prompt_btn": "Weiter"
|
||||
},
|
||||
"stats_monthly": {
|
||||
"title": "Monatsstatistik",
|
||||
|
||||
+16
-2
@@ -416,7 +416,16 @@
|
||||
"load_error": "Loading error",
|
||||
"favorite": "Add to favourites",
|
||||
"unfavorite": "Remove from favourites",
|
||||
"adjust_persons": "Persons"
|
||||
"adjust_persons": "Persons",
|
||||
"nutrition_title": "Nutritional values (per serving)",
|
||||
"nutrition_kcal": "Calories",
|
||||
"nutrition_protein": "Protein",
|
||||
"nutrition_carbs": "Carbs",
|
||||
"nutrition_fat": "Fat",
|
||||
"nutrition_per_serving": "Estimated values per serving",
|
||||
"storage_title": "How to store leftovers",
|
||||
"storage_days": "{n} days",
|
||||
"storage_immediately": "Best eaten immediately"
|
||||
},
|
||||
"shopping": {
|
||||
"title": "🛒 Shopping List",
|
||||
@@ -1467,7 +1476,12 @@
|
||||
"error_network_detail": "The browser cannot reach the PHP server.\n\nPossible causes:\n• Apache/PHP server is not running\n• Network or firewall issue\n• Incorrect app URL\n\nMake sure the server is started and try again.",
|
||||
"retry": "Retry",
|
||||
"syncing_local": "Syncing local data...",
|
||||
"sync_done": "Local data synced"
|
||||
"sync_done": "Local data synced",
|
||||
"token_required": "API token required",
|
||||
"token_autoconfig": "Configuring access...",
|
||||
"token_prompt_title": "🔒 API Token",
|
||||
"token_prompt_hint": "Enter the API_TOKEN value from the server .env file.",
|
||||
"token_prompt_btn": "Continue"
|
||||
},
|
||||
"stats_monthly": {
|
||||
"title": "Monthly Stats",
|
||||
|
||||
+16
-2
@@ -411,7 +411,16 @@
|
||||
"load_error": "Error de carga",
|
||||
"favorite": "Añadir a favoritos",
|
||||
"unfavorite": "Quitar de favoritos",
|
||||
"adjust_persons": "Personas"
|
||||
"adjust_persons": "Personas",
|
||||
"nutrition_title": "Valores nutricionales (por ración)",
|
||||
"nutrition_kcal": "Calorías",
|
||||
"nutrition_protein": "Proteínas",
|
||||
"nutrition_carbs": "Carbohidratos",
|
||||
"nutrition_fat": "Grasas",
|
||||
"nutrition_per_serving": "Valores estimados por ración",
|
||||
"storage_title": "Cómo conservar las sobras",
|
||||
"storage_days": "{n} días",
|
||||
"storage_immediately": "Mejor consumir de inmediato"
|
||||
},
|
||||
"shopping": {
|
||||
"title": "🛒 Lista de la compra",
|
||||
@@ -1410,7 +1419,12 @@
|
||||
"error_network": "No se puede contactar con el servidor. Comprueba tu conexión de red.",
|
||||
"retry": "Reintentar",
|
||||
"syncing_local": "Sincronizando datos locales...",
|
||||
"sync_done": "Datos locales sincronizados"
|
||||
"sync_done": "Datos locales sincronizados",
|
||||
"token_required": "Token API requerido",
|
||||
"token_autoconfig": "Configurando acceso...",
|
||||
"token_prompt_title": "🔒 Token API",
|
||||
"token_prompt_hint": "Introduce el valor API_TOKEN del archivo .env del servidor.",
|
||||
"token_prompt_btn": "Continuar"
|
||||
},
|
||||
"stats_monthly": {
|
||||
"title": "Estadísticas Mensuales",
|
||||
|
||||
+16
-2
@@ -411,7 +411,16 @@
|
||||
"load_error": "Erreur de chargement",
|
||||
"favorite": "Ajouter aux favoris",
|
||||
"unfavorite": "Retirer des favoris",
|
||||
"adjust_persons": "Personnes"
|
||||
"adjust_persons": "Personnes",
|
||||
"nutrition_title": "Valeurs nutritionnelles (par portion)",
|
||||
"nutrition_kcal": "Calories",
|
||||
"nutrition_protein": "Protéines",
|
||||
"nutrition_carbs": "Glucides",
|
||||
"nutrition_fat": "Lipides",
|
||||
"nutrition_per_serving": "Valeurs estimées par portion",
|
||||
"storage_title": "Comment conserver les restes",
|
||||
"storage_days": "{n} jours",
|
||||
"storage_immediately": "À consommer immédiatement"
|
||||
},
|
||||
"shopping": {
|
||||
"title": "🛒 Liste de courses",
|
||||
@@ -1410,7 +1419,12 @@
|
||||
"error_network": "Impossible de contacter le serveur. Vérifiez votre connexion réseau.",
|
||||
"retry": "Réessayer",
|
||||
"syncing_local": "Synchronisation des données locales...",
|
||||
"sync_done": "Données locales synchronisées"
|
||||
"sync_done": "Données locales synchronisées",
|
||||
"token_required": "Jeton API requis",
|
||||
"token_autoconfig": "Configuration de l'accès...",
|
||||
"token_prompt_title": "🔒 Jeton API",
|
||||
"token_prompt_hint": "Saisissez la valeur API_TOKEN du fichier .env du serveur.",
|
||||
"token_prompt_btn": "Continuer"
|
||||
},
|
||||
"stats_monthly": {
|
||||
"title": "Statistiques Mensuelles",
|
||||
|
||||
+16
-2
@@ -416,7 +416,16 @@
|
||||
"load_error": "Errore nel caricamento",
|
||||
"favorite": "Aggiungi ai preferiti",
|
||||
"unfavorite": "Rimuovi dai preferiti",
|
||||
"adjust_persons": "Persone"
|
||||
"adjust_persons": "Persone",
|
||||
"nutrition_title": "Valori nutrizionali (per porzione)",
|
||||
"nutrition_kcal": "Calorie",
|
||||
"nutrition_protein": "Proteine",
|
||||
"nutrition_carbs": "Carboidrati",
|
||||
"nutrition_fat": "Grassi",
|
||||
"nutrition_per_serving": "Valori stimati per porzione",
|
||||
"storage_title": "Come conservare gli avanzi",
|
||||
"storage_days": "{n} giorni",
|
||||
"storage_immediately": "Da consumare subito"
|
||||
},
|
||||
"shopping": {
|
||||
"title": "🛒 Lista della Spesa",
|
||||
@@ -1466,7 +1475,12 @@
|
||||
"error_network_detail": "Il browser non riesce a raggiungere il server PHP.\n\nPossibili cause:\n• Il server Apache/PHP non è in esecuzione\n• Problema di rete o firewall\n• URL dell'app non corretta\n\nControlla che il server sia avviato e riprova.",
|
||||
"retry": "Riprova",
|
||||
"syncing_local": "Sincronizzazione dati locali...",
|
||||
"sync_done": "Dati locali aggiornati"
|
||||
"sync_done": "Dati locali aggiornati",
|
||||
"token_required": "Token API richiesto",
|
||||
"token_autoconfig": "Configurazione accesso...",
|
||||
"token_prompt_title": "🔒 Token API",
|
||||
"token_prompt_hint": "Inserisci il valore API_TOKEN dal file .env del server.",
|
||||
"token_prompt_btn": "Continua"
|
||||
},
|
||||
"stats_monthly": {
|
||||
"title": "Statistiche Mensili",
|
||||
|
||||