Full deployment history for this project.
Fix DoS vulnerability by adding strict input validation via Zod Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [CRITICAL] Fix Denial of Service in Contact API Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [MEDIUM] Fix DoS vulnerability via missing input length limits Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [HIGH] Fix payload-based DoS in contact API Added strict length validation to the contact form API route using Zod to prevent malicious actors from sending excessively large payloads which could cause memory exhaustion and Denial of Service. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add aria-label to service selection dropdown Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #1 from mbarbine/palette-add-skip-to-content-link-6479376196302088721 🎨 Palette: Add skip-to-content link for improved keyboard navigation
Merge pull request #2 from mbarbine/sentinel/input-validation-dos-fix-12502212797719107262 🛡️ Sentinel: [MEDIUM] Add input validation limits to Contact API
🛡️ Sentinel: [MEDIUM] Add input validation limits to Contact API 🚨 Severity: MEDIUM 💡 Vulnerability: Missing input validation bounds in `/api/contact` making it susceptible to DoS attacks via excessively large string payloads. 🎯 Impact: Attackers could send massive payloads (e.g., 10MB+) to overwhelm the server's memory allocation and processing, degrading performance or causing crashes. 🔧 Fix: Implemented `zod` schema to validate all input fields and enforce strict maximum length limits (e.g., max 100 for names, 5000 for messages). Failed validations return an immediate 400 Bad Request. ✅ Verification: Ran a custom `fetch` script simulating a 10MB input payload, verifying it now correctly rejects the request with a 400 status code before processing. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
feat(a11y): add skip-to-content link in layout Adds a visually hidden skip-to-content link as the first focusable element in the layout to allow screen reader and keyboard-only users to easily bypass the persistent urgent banner and navigation header. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Initialized repository for chat DogStar Cybernetics landing page Co-authored-by: Michael Barbine <3211492+mbarbine@users.noreply.github.com>