Issue search results

61M results (827 ms)

touchfish1/ZY_Foundation_Yingzhi
P2: Gateway CORS配置需确认安全白名单

缺陷描述需确认 Gateway CORS 是否配置了特定域名白名单而非通配符 * 优化方案 Gateway 配置 CORS 指定明确的前端域名白名单涉及文件 backend/gateway/src/main/resources/application.yml 来源 SEC-003

bug

touchfish1/ZY_Foundation_Yingzhi
P2: 缺少统一异常处理全局拦截器

缺陷描述各微服务可能未实现统一 @RestControllerAdvice，DB异常暴露堆栈优化方案每个微服务实现全局异常处理器，统一返回 {code, message, data} 来源 SEC-002

bug

fish2018/webhtv
WebHome广场(网友自制推荐)

touchfish1/ZY_Foundation_Yingzhi
P2: 文件上传缺少MIME类型和大小校验

缺陷描述文件上传未限制 MIME 类型和文件大小优化方案 1. 白名单 MIME 类型: image/, application/pdf, text/ 2. 限制大小: spring.servlet.multipart.max-file-size=50MB 3. UUID 重命名防止路径覆盖涉及文件 backend/api/.../asset/AdminAssetController.java ...

bug

touchfish1/ZY_Foundation_Yingzhi
P2: 重复注册邮箱返回500而非友好409提示

缺陷描述同邮箱重复注册时可能抛出 DataIntegrityViolationException 返回500 已在 SaasUserApplicationService.register() 第26行做了 existsByEmail 检查需确认异常时返回格式是否正确(IllegalArgumentException 是否被全局异常处理器转换为友好消息) 涉及文件 backend/user-service/.../SaasUserApplicationService.java ...

bug

touchfish1/ZY_Foundation_Yingzhi
P2: 系统设置值未限制长度(text类型可写入超大数据)

缺陷描述 setting_value 为 text 类型，无长度限制优化方案对 text 字段增加 @Size(max = 65535) 校验涉及文件 backend/system-service/.../adapter/in/rest/SystemSettingAdminController.java 来源 TC-SYS-002

bug

Shiv24angi/EcoVerse
[SECURITY] : Firebase credentials exposed in source code

The Firebase configuration in lib/firebase.ts contains hardcoded credentials including the API key, app ID, measurement ID, and messaging sender ID. These values are committed directly to the repository ...

touchfish1/ZY_Foundation_Yingzhi
P2: 发布草稿未校验内容完整性(空草稿/无效区块类型)

缺陷描述直接发布空草稿或含无效区块类型的页面可能引发 NPE 优化方案发布前校验 draft_version_id 不为空、content_json 中 block type 均为有效注册类型涉及文件 backend/api/.../CmsPageTranslationService.java 来源 TC-CMS-003

bug

ihsan-project/maktabah-next
create stories

allow users to create and publish their own collection of verses

yonghyeun/blog-app
infra: skill contract validator CI gate 편입

Intended labels type:infra, kind:leaf, status:intake, priority:p1, area:ci, area:ops, area:docs Parent - Parent: #88 - Sub-issue of: #88 - Depends on: #106 Relationship Parent: #88 Sub-issue ...

area:ci

area:docs

area:ops

kind:leaf

priority:p1

status:review

type:infra

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Filter by

State

Advanced

touchfish1/ZY_Foundation_Yingzhi
P2: Gateway CORS配置需确认安全白名单

touchfish1/ZY_Foundation_Yingzhi
P2: 缺少统一异常处理全局拦截器

fish2018/webhtv
WebHome广场(网友自制推荐)

touchfish1/ZY_Foundation_Yingzhi
P2: 文件上传缺少MIME类型和大小校验

touchfish1/ZY_Foundation_Yingzhi
P2: 重复注册邮箱返回500而非友好409提示

touchfish1/ZY_Foundation_Yingzhi
P2: 系统设置值未限制长度(text类型可写入超大数据)

Shiv24angi/EcoVerse
[SECURITY] : Firebase credentials exposed in source code

touchfish1/ZY_Foundation_Yingzhi
P2: 发布草稿未校验内容完整性(空草稿/无效区块类型)

ihsan-project/maktabah-next
create stories

yonghyeun/blog-app
infra: skill contract validator CI gate 편입

Learn how you can use GitHub Issues to plan and track your work.

Learn how you can use GitHub Issues to plan and track your work.

issues Search Results · language:Edge language:TypeScript language:HTML language:PHP language:Java language:JavaScript

Filter by

State

Advanced

61M results

Learn how you can use GitHub Issues to plan and track your work.

Learn how you can use GitHub Issues to plan and track your work.