github/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2026-05-20 15:33:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
penpot/backend/test/backend_tests
History
Andrey Antukh ff23f786b4 🐛 Fix broken authentication on /assets handlers 
- Add ::setup/props and ::db/pool to :app.http.assets/routes config
  so session renewal works correctly for asset requests.
- Add actoken/authz middleware to the assets middleware chain so
  access tokens are properly recognized.
- Add authenticated? helper that checks both ::session/profile-id
  and ::actoken/profile-id, fixing 401 errors when accessing
  protected assets with a valid access token.
- Add comprehensive test suite for assets auth scenarios.

Closes #9677

Signed-off-by: Andrey Antukh <niwi@niwi.nz>
2026-05-15 12:05:02 +02:00
..
test_files
🐛 Harden outbound HTTP requests against SSRF and restrict assets handlers (#9390)
2026-05-08 09:18:22 +02:00
binfile_test.clj
♻️ Refactor time related namespaces
2025-08-01 11:20:01 +02:00
bounce_handling_test.clj
♻️ Refactor internal tokens API
2025-10-07 12:08:00 +02:00
email_blacklist_test.clj
🚑 Fix email blacklisting (#9122)
2026-04-23 09:42:40 +02:00
email_sending_test.clj
Add proper backend integration of for new feedback form
2025-10-17 09:40:27 +02:00
helpers.clj
🎉 Add telemetry anonymous event collection (#9483)
2026-05-11 12:42:01 +02:00
http_assets_test.clj
🐛 Fix broken authentication on /assets handlers
2026-05-15 12:05:02 +02:00
http_management_test.clj
♻️ Make the SSO code more modular (#7575)
2025-11-12 12:49:10 +01:00
http_middleware_security.clj
Add client header check middleware
2025-10-07 12:47:14 +02:00
http_middleware_test.clj
Backport MCP from staging (part 1)
2026-04-20 19:37:02 +02:00
loggers_webhooks_test.clj
🐛 Harden outbound HTTP requests against SSRF and restrict assets handlers (#9390)
2026-05-08 09:18:22 +02:00
media_sanitize_test.clj
🐛 Harden outbound HTTP requests against SSRF and restrict assets handlers (#9390)
2026-05-08 09:18:22 +02:00
rpc_access_tokens_test.clj
Backport MCP from staging (part 1)
2026-04-20 19:37:02 +02:00
rpc_audit_test.clj
🎉 Add telemetry anonymous event collection (#9483)
2026-05-11 12:42:01 +02:00
rpc_comment_test.clj
♻️ Refactor file storage
2025-10-13 12:24:05 +02:00
rpc_cond_middleware_test.clj
⬆️ Update yetti and http server dependency
2024-10-22 20:23:38 +02:00
rpc_doc_test.clj
🎉 Add management RPC API (#7700)
2025-11-10 17:10:59 +01:00
rpc_file_snapshot_test.clj
Make the virtual clock by profile and not global
2026-01-09 12:58:44 +01:00
rpc_file_test.clj
Add 2h min-age threshold to storage/gc_touched task
2026-04-22 08:48:04 +02:00
rpc_file_thumbnails_test.clj
Add 2h min-age threshold to storage/gc_touched task
2026-04-22 08:48:04 +02:00
rpc_font_test.clj
🐛 Prevent CSS injection vulnerability in font family names
2026-05-14 13:46:02 +02:00
rpc_management_test.clj
♻️ Refactor file storage
2025-10-13 12:24:05 +02:00
rpc_media_test.clj
🐛 Harden outbound HTTP requests against SSRF and restrict assets handlers (#9390)
2026-05-08 09:18:22 +02:00
rpc_profile_test.clj
🐛 Fix incorrect invitation token handling on register process (#9380)
2026-05-06 14:20:55 +02:00
rpc_project_test.clj
💄 Add format rule for code comments (#8211)
2026-01-27 15:07:18 +01:00
rpc_quotes_test.clj
Use a prefixed dir for storing temp files
2024-02-14 09:53:54 +01:00
rpc_team_test.clj
Improve team name validation (#9176)
2026-04-29 08:59:09 +02:00
rpc_viewer_test.clj
Use a prefixed dir for storing temp files
2024-02-14 09:53:54 +01:00
rpc_webhooks_test.clj
🐛 Harden outbound HTTP requests against SSRF and restrict assets handlers (#9390)
2026-05-08 09:18:22 +02:00
storage_test.clj
Add 2h min-age threshold to storage/gc_touched task
2026-04-22 08:48:04 +02:00
tasks_telemetry_test.clj
🎉 Add telemetry anonymous event collection (#9483)
2026-05-11 12:42:01 +02:00
util_blob_test.clj
🎉 Add telemetry anonymous event collection (#9483)
2026-05-11 12:42:01 +02:00
util_objects_map_test.clj
♻️ Use direct schemas instead of references
2025-08-20 12:33:07 +02:00
util_pointer_map_test.clj
💄 Fix format issues on backend module
2023-11-29 12:55:58 +01:00
util_ssrf_test.clj
🐛 Harden outbound HTTP requests against SSRF and restrict assets handlers (#9390)
2026-05-08 09:18:22 +02:00