cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(outbound): add HTTPS CHECK constraint on outbound_connections.url

Browse Source 
Defense-in-depth per code review. DTO layer already validates HTTPS at save
time; this DB-level check guards against future code paths that might bypass
the DTO validator. Mustache template variables in the URL (e.g., {{env.slug}})
remain valid since only the scheme prefix is constrained.
This commit is contained in:
hsiegeln
2026-04-19 15:37:35 +02:00
parent 116038262a
commit ffdfd6cd9a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cameleer-server-app/src/main/resources/db/migration/V11__outbound_connections.sql
View File

@@ -10,7 +10,7 @@ CREATE TABLE outbound_connections (
tenant_id varchar(64) NOT NULL,
name varchar(100) NOT NULL,
description text,
url text NOT NULL,
url text NOT NULL CHECK (url ~ '^https://'),
method outbound_method_enum NOT NULL,
default_headers jsonb NOT NULL DEFAULT '{}',
default_body_tmpl text,