Chris cc30d2288e fix: sanitize API_KEY and BLOCK_PRIVATE_IPS in config generation ...

- Fix Issue 1: Normalize BLOCK_PRIVATE_IPS to safe boolean (true/false) using shell case statement to prevent PHP injection from non-boolean values like 'yes'
- Fix Issue 2: Strip single quotes from API_KEY to prevent PHP string injection if the value contains quotes
- Update docker-compose-dev.yml to document these configuration options

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-20 21:50:59 +02:00

500 B

Executable File

Raw Blame History

View Raw