alro65 cfd94f905a security: CORS hardening, path traversal fix, WebSocket auth + cleanup
- Restrict CORS to localhost origins (was allow_origins=[*])
- Require valid JWT on WebSocket /ws (anonymous no longer gets admin view)
- Fix path traversal in delete_cell(): resolve() + parent check
- Validate cell_id format in /charts/download-noaa/{cell_id}
- Exclude charts/ and Cartas/ from git (keep US1GC09M world overview)
- Add NOAA ENC Portal external link in charts catalog tab
- Untrack __pycache__/, .db, .claude/ session files

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-07-03 12:45:43 -04:00
2026-05-05 02:34:49 -04:00
2026-05-05 02:34:49 -04:00
2026-05-05 02:34:49 -04:00
S
Description
Maritime Aids-to-Navigation monitoring with AIS and S-57 ENC charts
178 MiB
Languages
JavaScript 50%
Python 36.6%
HTML 6.6%
CSS 5.4%
PowerShell 1.1%
Other 0.3%