mirror of
https://github.com/lukaszraczylo/claude-mnemonic.git
synced 2026-06-05 23:03:55 +00:00
lukaszraczylo
d04b60517a
* Make things 'betterer' across the board * fix: reorganize struct fields and config parameters for consistency - [x] Reorder Config struct fields alphabetically and by related functionality - [x] Reorganize Observation model fields with archival fields grouped together - [x] Reorder ObservationStore fields to group related members - [x] Reorder Store struct fields with health check caching grouped - [x] Reorganize HealthInfo and PoolMetrics struct field order - [x] Reorder maintenance Service struct fields logically - [x] Reorganize MCP server handler parameter structs alphabetically - [x] Reorder pattern detector candidate tracking fields - [x] Reorganize search Manager struct fields by functionality - [x] Reorder vector Client struct fields with mutex protections grouped - [x] Reorganize handler request/response struct fields - [x] Update handlers_test.go to expect wrapped response format - [x] Reorder middleware TokenAuth and rate limiter fields - [x] Reorganize Service struct fields with grouped functionality - [x] Fix RateLimiter field ordering for clarity - [x] Reorder CircuitBreaker metrics fields * fix(security): improve JSON output safety and path traversal protection - [x] Replace unsafe JSON string formatting with proper json.Marshal in export handler - [x] Remove escapeJSONString helper function in favor of standard JSON marshaling - [x] Add safeResolvePath function to validate paths and prevent directory traversal - [x] Apply path traversal validation in captureFileMtimes operations - [x] Cap result slice capacity in getRecentSearchQueries to prevent DoS via excessive allocation * fix(sdk): improve path traversal protection and allocation safety - [x] Enhance safeResolvePath with stricter validation using filepath.Rel - [x] Reject paths containing ".." after cleaning to prevent traversal - [x] Validate absolute paths are within cwd when cwd is specified - [x] Apply safeResolvePath validation to GetFileContent for consistency - [x] Add comprehensive test coverage for path traversal protection - [x] Fix allocation safety in getRecentSearchQueries by using constant capacity
75 lines
2.0 KiB
Go
75 lines
2.0 KiB
Go
package worker
|
|
|
|
import (
|
|
"embed"
|
|
"io/fs"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
//go:embed static/*
|
|
var staticFS embed.FS
|
|
|
|
// staticSubFS is the static subdirectory filesystem
|
|
var staticSubFS fs.FS
|
|
|
|
// staticInitErr stores any error from static filesystem initialization
|
|
var staticInitErr error
|
|
|
|
func init() {
|
|
staticSubFS, staticInitErr = fs.Sub(staticFS, "static")
|
|
if staticInitErr != nil {
|
|
log.Warn().Err(staticInitErr).Msg("Static filesystem initialization failed - dashboard will be unavailable")
|
|
}
|
|
}
|
|
|
|
// serveIndex serves the index.html file for the root path
|
|
func serveIndex(w http.ResponseWriter, r *http.Request) {
|
|
if staticInitErr != nil {
|
|
http.Error(w, "Dashboard unavailable: static files not initialized", http.StatusServiceUnavailable)
|
|
return
|
|
}
|
|
content, err := fs.ReadFile(staticSubFS, "index.html")
|
|
if err != nil {
|
|
http.Error(w, "Dashboard not found", http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
|
|
w.Header().Set("Pragma", "no-cache")
|
|
w.Header().Set("Expires", "0")
|
|
_, _ = w.Write(content)
|
|
}
|
|
|
|
// serveAssets serves static assets from the embedded filesystem
|
|
func serveAssets(w http.ResponseWriter, r *http.Request) {
|
|
if staticInitErr != nil {
|
|
http.Error(w, "Assets unavailable: static files not initialized", http.StatusServiceUnavailable)
|
|
return
|
|
}
|
|
// Strip the /assets/ prefix and serve the file
|
|
path := strings.TrimPrefix(r.URL.Path, "/")
|
|
|
|
content, err := fs.ReadFile(staticSubFS, path)
|
|
if err != nil {
|
|
http.Error(w, "Asset not found", http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
// Set content type based on extension
|
|
if strings.HasSuffix(path, ".js") {
|
|
w.Header().Set("Content-Type", "application/javascript")
|
|
} else if strings.HasSuffix(path, ".css") {
|
|
w.Header().Set("Content-Type", "text/css")
|
|
}
|
|
|
|
// No caching - always serve fresh content
|
|
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
|
|
w.Header().Set("Pragma", "no-cache")
|
|
w.Header().Set("Expires", "0")
|
|
_, _ = w.Write(content)
|
|
}
|