mirror of
https://github.com/koala73/worldmonitor.git
synced 2026-04-25 17:14:57 +02:00
f7119b9ed6
- Add CORS origin allowlist (api/_cors.js) replacing Access-Control-Allow-Origin: * - Add isDisallowedOrigin guard to all API endpoints (acled, cloudflare-outages, finnhub, fred-data, hackernews, wingbits) - Gut debug-env endpoint to return 404 - Tighten sanitizeUrl() with escapeAttr output and strict relative URL validation - Add sanitizeUrl() adoption in CountryIntelModal, InsightsPanel, PredictionPanel, RegulationPanel, TechEventsPanel - Comprehensive escapeHtml() hardening in MapPopup (cables, flights, vessels, clusters) - Bound HackerNews concurrent fetches (MAX_CONCURRENCY=10), validate story type and limit params - Add wingbits cache eviction (MAX_LOCAL_CACHE_ENTRIES=2000, sweep on TTL + LRU) - Fix arxiv http→https, og-story parseInt safety with Number.isFinite + clamping
12 lines
274 B
JavaScript
12 lines
274 B
JavaScript
export const config = { runtime: 'edge' };
|
|
|
|
export default async function handler() {
|
|
return new Response(JSON.stringify({ error: 'Not found' }), {
|
|
status: 404,
|
|
headers: {
|
|
'Content-Type': 'application/json',
|
|
'Cache-Control': 'no-store',
|
|
},
|
|
});
|
|
}
|