seaislee1209 d9a12af078 fix: v0.8.5 安全加固 — CRITICAL/HIGH 漏洞修复 ...

- C1/C2: 移除 settings.py 中硬编码的数据库密码和 SECRET_KEY 默认值
- K8s: DB_PASSWORD/DB_HOST/DB_USER/DJANGO_SECRET_KEY 改为 secretKeyRef
- H1: DEBUG 默认值从 True 改为 False
- H2: 登录接口添加 ScopedRateThrottle (5/min)，全局限流 (anon 30/min, user 120/min)
- H4: Django Admin 仅在 DEBUG=True 时注册
- H6: PromptInput innerHTML 使用 DOMPurify 消毒防止 XSS
- H7: ALLOWED_HOSTS 从 "*" 收紧为实际域名
- H9: Nginx 添加安全响应头 + server_tokens off
- M1: 密码策略加强 (min 8 + CommonPassword + NumericPassword)
- M5: Django 生产环境安全头配置
- L1: 登录接口改为 POST-only

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-16 02:08:50 +08:00

..

apps

fix: v0.8.5 安全加固 — CRITICAL/HIGH 漏洞修复

2026-03-16 02:08:50 +08:00

config

fix: v0.8.5 安全加固 — CRITICAL/HIGH 漏洞修复

2026-03-16 02:08:50 +08:00

utils

feat: v0.8.2~v0.8.4 — 管理后台 UI 修复 + 团队详情重构 + 审计日志系统

2026-03-16 01:18:44 +08:00

.dockerignore

Add CI/CD pipeline and K8S deployment

2026-03-13 10:24:31 +08:00

Dockerfile

fix bug report

2026-03-13 17:17:01 +08:00

entrypoint.sh

feat: integrate Seedance API key via K8s Secret and auto-create admin user

2026-03-15 00:41:22 +08:00

manage.py

Initial commit: 即梦视频生成平台

2026-03-13 09:59:33 +08:00

requirements.txt

add 存储桶

2026-03-13 15:38:08 +08:00