phil/Gondulf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(security): merge Phase 4b security hardening

Browse Source 
Complete security hardening implementation including HTTPS enforcement,
security headers, rate limiting, and comprehensive security test suite.

Key features:
- HTTPS enforcement with HSTS support
- Security headers (CSP, X-Frame-Options, X-Content-Type-Options)
- Rate limiting for all critical endpoints
- Enhanced email template security
- 87% test coverage with security-specific tests

Architect approval: 9.5/10

Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Phil Skentelbery
2025-11-20 18:28:50 -07:00
parent 115e733604
commit d3c3e8dc6b
23 changed files with 3762 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/gondulf/services/domain_verification.py
View File

@@ -90,7 +90,7 @@ class DomainVerificationService:
# Validate email format
if not validate_email(email):
logger.warning(f"Invalid email format discovered: {email}")
logger.warning(f"Invalid email format discovered for domain={domain}")
return {"success": False, "error": "invalid_email_format"}
# Step 3: Generate and send verification code