24752433324
84%
master: 84%

Ran 21 Apr 2026 11:50PM UTC

Jobs 1

Files 51

Run time 1min

Badge

Embed ▾

Committed 21 Apr 2026 11:48PM UTC coverage: 84.25% (+0.003%) from 84.247%

Build # 24752433324

Build Type

Pull #2049

github

Committed by

paskal

Commit Message

fix(auth): preserve explicit port in AllowedRedirectHosts + clarify fs_store nolint

Address Copilot follow-up on PR #2049:

* getAllowedRedirectHosts stripped explicit ports via u.Hostname(), which
  broadened the allowlist. The auth validator checks both Hostname() and
  Host, so an entry like admin.example.com:8443 can and should be kept
  host:port — allowing only that port, not any. Emit u.Host when
  u.Port() != "", u.Hostname() otherwise. Updated tests.

* fs_store Save nolint rationale said "id validated at HTTP layer", but
  Save is reached via image.Service.Save and SaveWithID (cache), neither
  of which is HTTP validation. id is actually a server-generated hash in
  both paths. Updated the comment.

Pull Request Pull Request #2049: fix(auth): close OAuth open-redirect by wiring AllowedRedirectHosts

Coverage Stats

25 of 29 new or added lines in 2 files covered. (86.21%)

6264 of 7435 relevant lines covered (84.25%)

34.36 hits per line

Uncovered Changes

Lines	Coverage	∆	File
4	83.87	0.04%	backend/app/cmd/server.go

Jobs

ID	Job ID	Ran	Files	Coverage
1	24752433324.1	21 Apr 2026 11:50PM UTC	51	84.25	GitHub Action Run

umputun / remark42 / 24752433324
84%
master: 84%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Uncovered Changes

Jobs

Source Files on build 24752433324

umputun / remark42 / 24752433324 84% master: 84%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Uncovered Changes

Jobs

Source Files on build 24752433324

umputun / remark42 / 24752433324
84%
master: 84%

README BADGES
x