liuyu/nofx
1
0
Fork 0
mirror of https://github.com/NoFxAiOS/nofx.git synced 2026-06-06 14:01:29 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
034c206874a6bcc327cbb8b314cdf59518d62f39
nofx/api
History
tinkle-community 7b9a0740c1 fix(security): block SSRF via custom AI model URL 
Apply security.ValidateURL() to custom_api_url in PUT /api/models before
storing — blocks private IPs, cloud metadata endpoints, and localhost.
Replace plain http.Client in mcp/config.go with security.SafeHTTPClient()
for defense-in-depth (DialContext blocks private IPs, CheckRedirect
validates targets). Add SSRF warning to WithHTTPClient() docs.
2026-03-10 00:14:01 +08:00
..
backtest.go
feat: add MiniMax provider support (#1406)
2026-03-09 23:18:51 +08:00
crypto_handler.go
feat: add TRANSPORT_ENCRYPTION toggle for easier deployment
2025-12-09 18:04:42 +08:00
debate.go
feat: unify NofxOS data provider and fix language consistency
2026-01-04 00:59:07 +08:00
errors.go
fix: sanitize API error messages to prevent sensitive info exposure
2026-01-03 13:11:15 +08:00
server_test.go
refactor: standardize code comments
2025-12-08 01:43:22 +08:00
server.go
fix(security): block SSRF via custom AI model URL
2026-03-10 00:14:01 +08:00
strategy.go
feat: add MiniMax provider support (#1406)
2026-03-09 23:18:51 +08:00
traderid_test.go
refactor: standardize code comments
2025-12-08 01:43:22 +08:00
utils_test.go
refactor: standardize code comments
2025-12-08 01:43:22 +08:00
utils.go
refactor: standardize code comments
2025-12-08 01:43:22 +08:00