b9dfb86260
Security hardening release addressing CodeQL and Dependabot alerts: - Fix stack trace exposure in error responses - Add SSRF protection with DNS resolution checking - Implement proper URL hostname validation (replaces substring matching) - Add centralized path sanitization to prevent path traversal - Fix ReDoS vulnerability in email validation regex - Improve HTML sanitization in validation utilities - Fix capability wildcard matching in auth utilities - Update glob dependency to address CVE - Add CodeQL suppression comments for verified false positives 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
36 lines
1.1 KiB
Markdown
36 lines
1.1 KiB
Markdown
# Static Assets for Control Panel Backend
|
|
|
|
This directory contains static assets used by the control panel backend services, particularly for email templates.
|
|
|
|
## Assets
|
|
|
|
### Email Resources (`assets/`)
|
|
|
|
- **gt-edge-ai-logo.png** - GT Edge AI logo used in email templates (password reset, notifications, etc.)
|
|
- Source: `/apps/tenant-app/public/gt-edge-ai-new-logo.png`
|
|
- Used in: Password reset emails with Content-ID: `<gt_logo>`
|
|
- Dimensions: Optimized for email clients
|
|
- Format: PNG with transparency
|
|
|
|
## Usage in Email Templates
|
|
|
|
The logo is embedded in emails using MIME multipart with Content-ID references:
|
|
|
|
```python
|
|
# In email.py
|
|
logo_img = MIMEImage(f.read())
|
|
logo_img.add_header('Content-ID', '<gt_logo>')
|
|
msg.attach(logo_img)
|
|
```
|
|
|
|
```html
|
|
<!-- In HTML email template -->
|
|
<img src="cid:gt_logo" alt="GT Edge AI" />
|
|
```
|
|
|
|
## Deployment Notes
|
|
|
|
- Ensure this directory and its contents are included in Docker images
|
|
- The logo file should be accessible at runtime for email generation
|
|
- Fallback paths are configured in `app/core/email.py` for different deployment scenarios
|