File upload security (iteration 1), security enhancements and OpenTelemetry (OTEL) implementation (sending data disabled by default)

2025-11-11 18:56:23 +00:00 · 2025-10-17 11:16:48 +02:00
parent 2cde85e137
commit 780dc18fa4
34 changed files with 4491 additions and 109 deletions
--- a/config.py
+++ b/config.py
@@ -34,6 +34,12 @@ MIDDLEWARE.extend(
        "ivatar.middleware.CustomLocaleMiddleware",
    ]
 )
+
+# Add OpenTelemetry middleware (always enabled now)
+MIDDLEWARE.insert(0, "ivatar.opentelemetry_middleware.OpenTelemetryMiddleware")
+
+# Add OpenTelemetry middleware only if feature flag is enabled
+# Note: This will be checked at runtime, not at import time
 MIDDLEWARE.insert(
    0,
    "ivatar.middleware.MultipleProxyMiddleware",
@@ -166,9 +172,10 @@ if "POSTGRES_DB" in os.environ:
        "USER": os.environ["POSTGRES_USER"],
        "PASSWORD": os.environ["POSTGRES_PASSWORD"],
        "HOST": os.environ["POSTGRES_HOST"],
-        "TEST": {
-            "NAME": os.environ["POSTGRES_DB"],
-        },
+        # Let Django use its default test database naming
+        # "TEST": {
+        #     "NAME": os.environ["POSTGRES_DB"],
+        # },
    }

 SESSION_SERIALIZER = "django.contrib.sessions.serializers.JSONSerializer"
@@ -296,9 +303,26 @@ TRUSTED_DEFAULT_URLS = list(map(map_legacy_config, TRUSTED_DEFAULT_URLS))
 BLUESKY_IDENTIFIER = os.environ.get("BLUESKY_IDENTIFIER", None)
 BLUESKY_APP_PASSWORD = os.environ.get("BLUESKY_APP_PASSWORD", None)

+# File upload security settings
+FILE_UPLOAD_MAX_MEMORY_SIZE = 5 * 1024 * 1024  # 5MB
+DATA_UPLOAD_MAX_MEMORY_SIZE = 5 * 1024 * 1024  # 5MB
+FILE_UPLOAD_PERMISSIONS = 0o644
+
+# Enhanced file upload security
+ENABLE_FILE_SECURITY_VALIDATION = True
+ENABLE_EXIF_SANITIZATION = True
+ENABLE_MALICIOUS_CONTENT_SCAN = True
+
 # Logging configuration - can be overridden in local config
 # Example: LOGS_DIR = "/var/log/ivatar"  # For production deployments

+# OpenTelemetry feature flag - can be disabled for F/LOSS deployments
+ENABLE_OPENTELEMETRY = os.environ.get("ENABLE_OPENTELEMETRY", "false").lower() in (
+    "true",
+    "1",
+    "yes",
+)
+
 # This MUST BE THE LAST!
 if os.path.isfile(os.path.join(BASE_DIR, "config_local.py")):
    from config_local import *  # noqa # flake8: noqa # NOQA # pragma: no cover