denshooter/portfolio
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge cursor/umfassende-plattform-berarbeitung-d0f0 into dev_test

Browse Source 
Resolve email API TLS/env var merge conflicts and bring latest platform changes into dev_test.
This commit is contained in:
Cursor Agent
2026-01-14 02:11:17 +00:00
parent c8db7ea78c abfb710c4b
commit 80077ea1af
102 changed files with 6325 additions and 1780 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/api/email/route.tsx
View File

@@ -3,7 +3,7 @@ import nodemailer from "nodemailer";
import SMTPTransport from "nodemailer/lib/smtp-transport";
import Mail from "nodemailer/lib/mailer";
import { checkRateLimit, getRateLimitHeaders } from '@/lib/auth';
import { prisma } from '@/lib/prisma';
import { prisma } from "@/lib/prisma";
// Sanitize input to prevent XSS
function sanitizeInput(input: string, maxLength: number = 10000): string {
@@ -115,10 +115,12 @@ export async function POST(request: NextRequest) {
connectionTimeout: 30000, // 30 seconds
greetingTimeout: 30000, // 30 seconds
socketTimeout: 60000, // 60 seconds
// TLS hardening (allow insecure only when explicitly enabled)
tls: process.env.SMTP_ALLOW_INSECURE_TLS === 'true'
// TLS hardening (allow insecure/self-signed only when explicitly enabled)
tls:
process.env.SMTP_ALLOW_INSECURE_TLS === "true" ||
process.env.SMTP_ALLOW_SELF_SIGNED === "true"
? { rejectUnauthorized: false }
: { rejectUnauthorized: true, minVersion: 'TLSv1.2' }
: { rejectUnauthorized: true, minVersion: "TLSv1.2" },
};
// Creating transport with configured options