Skip to content

Block Requests by disallowed keyvalue pairs #69

New issue
New issue
Open
Open
Block Requests by disallowed keyvalue pairs#69
Assignees
CodeShellDev
Labels
enhancementNew feature or requestplannedSomething is planned and has been added to the backlogspriority/highSomething is of high priority
Milestone
v1.4.0
@CodeShellDev

Description

@CodeShellDev
CodeShellDev
opened on Sep 25, 2025

Description

Currently you can define per-token variables, that can then only be used with THAT token.
This doesn‘t prevent anyone from using the raw variable value (+123456789) in the Body.
(since you can already block in the path with blockedEndpoints + number and queries will eventually be injected into the body).
This would be a great addition to further minimize attack-surface and mitigate attackers using your signal account without your consent.

Solution

Implement a Config where the user sets a json key and its value, if they match (using regex) the request is blocked (or allowed when using allowed config).

Alternatives

None.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestplannedSomething is planned and has been added to the backlogspriority/highSomething is of high priority

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions