3s3s / opentrade

OpenTrade - Open Source Cryptocurrency Exchange
MIT License

Security Patches from ShorelineCrypto Open Sourced #382

Open ShorelineCrypto opened 3 years ago

ShorelineCrypto commented 3 years ago

This is not trying to get support here. This is mainly feedback on a contribution to the opentrade/marycoin ecosystem: the shorelinecrypto version of opentrade is open sourced today. The SLC version of opentrade is a fork of an old version of OpenTrade, so the software base has changed a lot. However, I do believe that the security patches below from the SLC version of opentrade can contribute a significant security improvement to the current latest opentrade version if those patches can be brought in here.

Here are the security patches from the shorelinecrypto version of opentrade:

source: https://github.com/ShorelineCrypto/opentrade

(1) Extensive security patches on API code where a strict regular expression is enforced to deny SQL injection hacks in input variables. This is mainly in two files, utils.js and v1.js. market/currency etc. are checked by this.

(2) Extensive security patches on the profile/registration page where a strict regular expression is enforced to deny SQL injection hacks in usernames/emails.
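The allow-list validation described in the comment above, as an added JavaScript example; it is not code from OpenTrade or from the ShorelineCrypto fork. The patterns, length limit and function names are assumptions, and the sample requests are constructed.

```javascript
// Added illustration; not taken from utils.js or v1.js in either repository.
// Patterns, limits and names below are assumptions chosen for the example.

// Allow-list patterns, anchored at both ends so the whole value must match.
const PATTERNS = {
  currency: /^[A-Z0-9]{2,10}$/,
  market: /^[A-Z0-9]{2,10}-[A-Z0-9]{2,10}$/,
  username: /^[A-Za-z0-9_]{3,32}$/,
  email: /^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]{1,63}(\.[A-Za-z0-9-]{1,63})+$/,
};
const MAX_LEN = 254;

function validateField(kind, value) {
  // Own-property check: "constructor" or "__proto__" must not select a pattern.
  if (!Object.prototype.hasOwnProperty.call(PATTERNS, kind)) {
    throw new Error('unknown field kind: ' + kind);
  }
  // Query parsers can yield arrays or objects (?market[]=x); accept strings only.
  if (typeof value !== 'string') return { ok: false, reason: 'not a string' };
  if (value.length > MAX_LEN) return { ok: false, reason: 'too long' };
  if (!PATTERNS[kind].test(value)) return { ok: false, reason: 'pattern mismatch' };
  return { ok: true, value };
}

// Validate every declared parameter; reject the request if any one fails.
function validateRequest(schema, params) {
  const clean = {};
  const errors = [];
  for (const [name, kind] of Object.entries(schema)) {
    const result = validateField(kind, params[name]);
    if (result.ok) clean[name] = result.value;
    else errors.push(name + ': ' + result.reason);
  }
  return { ok: errors.length === 0, clean, errors };
}

// Constructed sample requests: one well-formed, one carrying a quoted
// fragment in "market" and an array where a string is expected.
const good = validateRequest({ market: 'market', user: 'username' },
  { market: 'BTC-LTC', user: 'alice_01' });
const bad = validateRequest({ market: 'market', mail: 'email' },
  { market: "BTC-LTC' OR '1'='1", mail: ['a@example.org'] });
console.log(good.ok, bad.ok, bad.errors);
```

Validation of this kind limits what reaches the query layer; values should still be passed to the database as bound parameters rather than concatenated into SQL.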

ultra-pool commented 2 years ago

Has this been tested lately?