kenmirrors/MagicMirror
1
0
Fork 0
mirror of https://github.com/MichMich/MagicMirror.git synced 2026-06-04 10:19:29 +00:00
Code Issues Projects Releases Wiki Activity
Files
develop
MagicMirror/tests/e2e
History
Kristjan ESPERANTO 58c2a5e675 fix(server): enforce ipWhitelist for Socket.IO too (#4169) 
ipWhitelist was only applied to HTTP routes, so Socket.IO module
namespaces could still be reached from disallowed clients.

This adds the same whitelist check to Socket.IO handshakes
(allowRequest), and reuses the same client IP resolution for both HTTP
and Socket.IO (forwarded IP is only trusted for loopback peers).

Also adds tests for handshake allow/deny and forwarded-header behavior.

Fixes: GHSA-w26r-fwg8-rcp3
2026-06-01 10:26:16 -05:00
..
helpers
fix: resolve CodeQL alerts #24 and #26 (#4145)
2026-05-07 00:28:02 +02:00
modules
fix(newsfeed): fix full article view and add framing check (#4039)
2026-03-01 00:32:42 +01:00
animateCSS_spec.js
[core] refactor: replace XMLHttpRequest with fetch and migrate e2e tests to Playwright (#3950)
2025-11-08 21:59:05 +01:00
clientonly_spec.js
[core] refactor: enable ESLint rule require-await and handle detected issues (#4038)
2026-02-25 10:55:56 +01:00
config_functions_spec.js
config endpoint must handle functions in module configs (#4106)
2026-04-12 15:50:00 -05:00
config_variables_spec.js
[core] refactor: enable ESLint rule require-await and handle detected issues (#4038)
2026-02-25 10:55:56 +01:00
custom_module_regions_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00
env_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00
fonts_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00
ipWhitelist_spec.js
fix(server): enforce ipWhitelist for Socket.IO too (#4169)
2026-06-01 10:26:16 -05:00
modules_display_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00
modules_empty_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00
modules_position_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00
port_spec.js
CodeQL cleanup for alerts #18, #19, #20 (#4153)
2026-05-12 23:32:16 +02:00
serveronly_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00
translations_spec.js
refactor: use ES module imports in browser core (#4158)
2026-05-18 19:58:44 +02:00
vendor_spec.js
update electron to v40, update node versions in workflows (#4018)
2026-01-24 06:15:15 -06:00