lerkolabs/uptop
1
1
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

Merge pull request 'fix(security): strip push tokens from /status/json response' (#14) from fix/status-json-token-exposure into develop

Browse Source
This commit was merged in pull request #14.
This commit is contained in:
Tyler Koenig
2026-05-16 19:57:41 +00:00
parent fa1042a2ec 025b1b61d0
commit 887b8240f8
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/server/server.go
+6 -1
View File
@@ -358,8 +358,13 @@ func Start(cfg ServerConfig, s store.Store, eng *monitor.Engine) {
if cfg.EnableStatus {
mux.HandleFunc("/status", func(w http.ResponseWriter, r *http.Request) { renderStatusPage(w, cfg.Title, eng) })
mux.HandleFunc("/status/json", func(w http.ResponseWriter, r *http.Request) {
state := eng.GetLiveState()
for id, site := range state {
site.Token = ""
state[id] = site
}
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(eng.GetLiveState())
json.NewEncoder(w).Encode(state)
})
}