Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-03-15 20:26:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
LibreChat/api/server/routes/__tests__
History
Danny Avila 189cdf581d
🔐 fix: Add User Filter to Message Deletion (#12220) 
* fix: add user filter to message deletion to prevent IDOR

* refactor: streamline DELETE request syntax in messages-delete test

- Simplified the DELETE request syntax in the messages-delete.spec.js test file by combining multiple lines into a single line for improved readability. This change enhances the clarity of the test code without altering its functionality.

* fix: address review findings for message deletion IDOR fix

* fix: add user filter to message deletion in conversation tests

- Included a user filter in the message deletion test to ensure proper handling of user-specific deletions, enhancing the accuracy of the test case and preventing potential IDOR vulnerabilities.

* chore: lint
2026-03-13 23:42:37 -04:00
..
config.spec.js 🔧 chore: Update ESLint Config & Run Linter (#10986) 2025-12-15 17:55:25 -05:00
convos-duplicate-ratelimit.spec.js 🚦 fix: Add Rate Limiting to Conversation Duplicate Endpoint (#12218) 2026-03-13 23:40:44 -04:00
convos.spec.js 🚦 fix: Add Rate Limiting to Conversation Duplicate Endpoint (#12218) 2026-03-13 23:40:44 -04:00
keys.spec.js 🔱 chore: Harden API Routes Against IDOR and DoS Attacks (#11760) 2026-02-12 18:08:24 -05:00
ldap.spec.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
mcp.spec.js 🪪 fix: MCP API Responses and OAuth Validation (#12217) 2026-03-13 23:18:56 -04:00
messages-delete.spec.js 🔐 fix: Add User Filter to Message Deletion (#12220) 2026-03-13 23:42:37 -04:00
static.spec.js 🗂️ fix: Disable express-static-gzip for Uploaded Images (#8307) 2025-07-11 16:51:53 -04:00