- Updated WafConfig.tsx to correct regex for common bad bots.
- Modified cerberus_integration.sh to use curl instead of wget for backend readiness check.
- Changed coraza_integration.sh to utilize curl for checking httpbin backend status.
- Updated crowdsec_startup_test.sh to use curl for LAPI health check.
- Replaced wget with curl in install-go-1.25.5.sh for downloading Go.
- Modified rate_limit_integration.sh to use curl for backend readiness check.
- Updated waf_integration.sh to replace wget with curl for checking httpbin backend status.
Add handlers for enable_standard_headers, forward_auth_enabled, and waf_disabled fields
in the proxy host Update function. These fields were defined in the model but were not
being processed during updates, causing:
- 500 errors when saving proxy host configurations
- Auth pass-through failures for apps like Seerr/Overseerr due to missing X-Forwarded-* headers
Changes:
- backend: Add field handlers for 3 missing fields in proxy_host_handler.go
- backend: Add 5 comprehensive unit tests for field handling
- frontend: Update TypeScript ProxyHost interface with missing fields
- docs: Document fixes in CHANGELOG.md
Tests: All 1147 tests pass (backend 85.6%, frontend 87.7% coverage)
Security: No vulnerabilities (Trivy + govulncheck clean)
Fixes#16 (auth pass-through)
Fixes#17 (500 error on save)
- Documented full trace analysis of the Security Dashboard Live Logs, detailing file-by-file data flow and authentication flow.
- Analyzed and resolved critical issue causing WebSocket reconnection loop due to object reference instability in props.
- Verified localStorage key usage and confirmed alignment between frontend and backend authentication methods.
- Investigated 401 auth failures reported in Docker logs, clarifying that they originate from Plex and are not indicative of a bug in Charon.
- Provided recommendations for handling log noise and confirmed that the Docker health check is functioning correctly.
