Release v1.28.0
This release focuses on Security Hardening following a comprehensive security audit. It implements several critical improvements to session management, authentication verification, and data protection.
Security Improvements
- Cookie Hardening:
  - Enforced the `Secure` flag for all session and authentication cookies when `GIN_MODE` is not set to `debug`. This ensures sensitive cookies are only transmitted over encrypted connections.
  - Implemented global `SameSite=Lax` middleware for all session and OIDC state cookies to mitigate Cross-Site Request Forgery (CSRF) attacks.
- TLS Verification:
  - Removed support for insecure TLS verification bypasses (`OIDC_SKIP_TLS_VERIFY` and `LDAP_SKIP_TLS_VERIFY`). The server now always validates certificates for OIDC providers and LDAP servers.
- Access Control:
  - Restricted asset deletion (`DELETE /assets/:machine_id`) to the `admin` group, ensuring only authenticated administrators can remove data.
- Information Disclosure Prevention:
  - All `/v1/` API endpoints now return generic error messages to clients, preventing internal database schema or logic details from leaking.
  - Credential masking in the administration interface now uses a fixed-length string (`********`), preventing the disclosure of sensitive value lengths.
- Health Check Optimization:
  - The health check endpoint now reuses the application's main database connection pool instead of opening separate connections, improving stability.
- Login Fix:
  - Fixed an issue where the `/login` handler would optimistically redirect users based on cookie presence without proper session validation.
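The cookie hardening items above (the `Secure` flag tied to `GIN_MODE`, and a global `SameSite=Lax` middleware) can be illustrated with a small middleware. The following is an added example written for these notes, not the project's own code: it uses the standard-library `net/http` rather than Gin, reads the mode as a plain string the caller obtains from `GIN_MODE`, and additionally sets `HttpOnly`, which the release notes do not mention and which is an assumed defensive default here. The cookie names and values are constructed for the demonstration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"os"
)

// hardenCookie applies the release-note policy to one cookie: Secure unless
// GIN_MODE is "debug", SameSite=Lax unconditionally. HttpOnly is an assumed
// extra default for session-style cookies, not something the notes state.
func hardenCookie(c *http.Cookie, ginMode string) *http.Cookie {
	c.Secure = ginMode != "debug"
	c.SameSite = http.SameSiteLaxMode
	c.HttpOnly = true
	return c
}

// hardeningWriter wraps the ResponseWriter so every Set-Cookie header emitted
// by the downstream handler is rewritten just before the response is
// committed, the last point at which headers can still be changed.
type hardeningWriter struct {
	http.ResponseWriter
	ginMode   string
	rewritten bool
}

func (h *hardeningWriter) rewriteCookies() {
	if h.rewritten {
		return
	}
	h.rewritten = true
	hdr := h.Header()
	// http.Response.Cookies parses the pending Set-Cookie headers for us.
	cookies := (&http.Response{Header: hdr}).Cookies()
	if len(cookies) == 0 {
		return
	}
	hdr.Del("Set-Cookie")
	for _, c := range cookies {
		http.SetCookie(h.ResponseWriter, hardenCookie(c, h.ginMode))
	}
}

func (h *hardeningWriter) WriteHeader(code int) {
	h.rewriteCookies()
	h.ResponseWriter.WriteHeader(code)
}

func (h *hardeningWriter) Write(b []byte) (int, error) {
	h.rewriteCookies()
	return h.ResponseWriter.Write(b)
}

// CookieHardening is the global middleware. ginMode is expected to be the
// value of the GIN_MODE environment variable.
func CookieHardening(ginMode string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		hw := &hardeningWriter{ResponseWriter: w, ginMode: ginMode}
		next.ServeHTTP(hw, r)
		hw.rewriteCookies() // handler may have written nothing at all
	})
}

// issueSession runs a constructed handler that sets a session cookie and an
// OIDC state cookie with no security attributes through the middleware and
// returns the cookies as a client would receive them.
func issueSession(ginMode string) []*http.Cookie {
	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		http.SetCookie(w, &http.Cookie{Name: "session", Value: "constructed-session-id", Path: "/"})
		http.SetCookie(w, &http.Cookie{Name: "oidc_state", Value: "constructed-state", Path: "/"})
		w.WriteHeader(http.StatusOK)
	})
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodGet, "/login", nil)
	CookieHardening(ginMode, handler).ServeHTTP(rec, req)
	return rec.Result().Cookies()
}

func main() {
	for _, c := range issueSession(os.Getenv("GIN_MODE")) {
		fmt.Println(c.String())
	}
}
```

Run with `GIN_MODE=debug go run .` to see `Secure` dropped while `SameSite=Lax` remains; with any other mode both attributes are present. Rewriting at commit time, rather than requiring every handler to remember the attributes, is what makes the policy global and hard to bypass by accident.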
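For the information disclosure items (generic `/v1/` error messages and fixed-length credential masking), the contrast between the old and new behaviour is clearest side by side. This is an added example, not the project's code: a leaky handler that echoes a database error verbatim, a hardened one that logs the detail server-side under a correlation id and returns only a generic message, and a mask that is the same length for every input. The error text, the `X-Request-ID` header name and the request path are constructed for the demonstration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
	"strings"
)

// errNoSuchRelation is a constructed stand-in for a database error; its text
// names an internal table, which is exactly what must not reach the client.
var errNoSuchRelation = errors.New(`pq: relation "assets" does not exist`)

// leakyHandler shows the pattern the release removed: raw error text goes
// straight to the client.
func leakyHandler(w http.ResponseWriter, r *http.Request) {
	err := errNoSuchRelation
	http.Error(w, err.Error(), http.StatusInternalServerError)
}

// hardenedHandler keeps the detail in the server log and answers generically.
func hardenedHandler(w http.ResponseWriter, r *http.Request) {
	err := errNoSuchRelation
	writeGenericError(w, r, err, http.StatusInternalServerError)
}

// writeGenericError logs the full error with a correlation id so operators can
// still investigate, and sends the client only the HTTP status text.
func writeGenericError(w http.ResponseWriter, r *http.Request, err error, status int) {
	reqID := r.Header.Get("X-Request-ID") // assumed header name
	log.Printf("request_id=%s path=%s status=%d err=%v", reqID, r.URL.Path, status, err)
	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(status)
	_ = json.NewEncoder(w).Encode(map[string]string{
		"error":      http.StatusText(status),
		"request_id": reqID,
	})
}

// maskCredential returns the same eight-character mask for any configured
// value, so neither the secret nor its length is disclosed. An unset value is
// returned as-is so the interface can still show that nothing is configured.
func maskCredential(secret string) string {
	if secret == "" {
		return ""
	}
	return "********"
}

// responseBody drives a handler with a constructed request and returns the
// body the client would see.
func responseBody(h http.HandlerFunc) string {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodGet, "/v1/assets", nil)
	req.Header.Set("X-Request-ID", "constructed-req-1")
	h.ServeHTTP(rec, req)
	return rec.Body.String()
}

// leaksSchema is a simple detector for the table-name leak in this example.
func leaksSchema(body string) bool {
	return strings.Contains(body, "relation")
}

func main() {
	fmt.Printf("leaky:    %s", responseBody(leakyHandler))
	fmt.Printf("hardened: %s", responseBody(hardenedHandler))
	fmt.Println("masked:  ", maskCredential("constructed-long-password-value"))
}
```

The request id is what keeps the generic response operationally useful: a client can quote it in a support request and an operator can find the full error in the logs without the error ever crossing the trust boundary.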
Full Changelog: v1.27.0...v1.28.0