kato/warpbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: bypass security for health checks and support HEAD downloads
All checks were successful
Build and Publish Docker Image / deploy (push) Successful in 2m30s
Details

Browse Source 
- Allow the `/health` endpoint to bypass the security middleware, ensuring container health checks succeed even if the proxy IP is banned.
- Add a test to verify health checks from banned IPs.
- Register a HEAD route for file downloads.
- Refactor admin alert status checks to use a new `isUnacknowledgedAlert` helper.
- Update the security runbook documentation with clearer instructions and examples for trusted proxy configuration.
This commit is contained in:
Daniel Legt
2026-05-23 19:07:11 +03:00
parent a2c80ac105
commit f0dcdd50ca
10 changed files with 250 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/routing/routes.go
View File

@@ -57,6 +57,7 @@ func Register(router *gin.Engine, handlers Handlers) {
router.GET("/box/:id/download", handlers.DownloadBox)
router.GET("/box/:id/files/:filename", handlers.DownloadFile)
router.GET("/box/:id/thumbnails/:file_id", handlers.DownloadThumbnail)
router.HEAD("/box/:id/files/:filename", handlers.DownloadFile)
router.POST("/box", handlers.CreateBox)
router.POST("/box/:id/login", handlers.BoxLoginPost)