CLIProxyAPI/CLAUDE.md at main

Files

T

Luis Pater 605adaa3c2 feat(api): add support for local management password validation and spoofed IP rejection

- Introduced `newTestServerWithOptions` to customize server initialization in tests.
- Added `TestManagementLocalPasswordRejectsSpoofedForwardedFor` to validate security against spoofed `X-Forwarded-For` headers.
- Enabled default WebSocket authentication (`ws-auth`) in `config.example.yaml`.
- Disabled trusted proxy headers in Gin engine with appropriate logging to enhance security.

2026-05-18 01:23:35 +08:00

10 B

Raw Permalink Blame History

@AGENTS.md

10 B Raw Permalink Blame History

10 B

Raw Permalink Blame History