Major security and code quality improvements

Security: - Add input validation for all API endpoints (frequency, lat/lon, device, gain, ppm) - Add HTML escaping utility to prevent XSS attacks - Add path traversal protection for log file configuration - Add proper HTTP status codes for error responses (400, 409, 503) Performance: - Reduce SSE keepalive overhead (30s interval instead of 1s) - Add centralized SSE stream utility with optimized keepalive - Add DataStore class for thread-safe data with automatic cleanup New Features: - Add data export endpoints (/export/aircraft, /export/wifi, /export/bluetooth) - Support for both JSON and CSV export formats - Add process cleanup on application exit (atexit handlers) - Label Iridium module as demo mode with clear warnings Code Quality: - Create utils/validation.py for centralized input validation - Create utils/sse.py for SSE stream utilities - Create utils/cleanup.py for memory management - Add safe_terminate() and register_process() for process management - Improve error handling with proper logging throughout routes 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-04-26 07:40:01 -07:00 · 2025-12-30 19:24:40 +00:00
parent b44546af53
commit 1398a5dedd
13 changed files with 964 additions and 63 deletions
--- a/utils/init.py
+++ b/utils/init.py
@@ -1,6 +1,15 @@
 # Utility modules for INTERCEPT
 from .dependencies import check_tool, check_all_dependencies, TOOL_DEPENDENCIES
-from .process import cleanup_stale_processes, is_valid_mac, is_valid_channel, detect_devices
+from .process import (
+    cleanup_stale_processes,
+    is_valid_mac,
+    is_valid_channel,
+    detect_devices,
+    safe_terminate,
+    register_process,
+    unregister_process,
+    cleanup_all_processes,
+)
 from .logging import (
    get_logger,
    app_logger,
@@ -12,3 +21,22 @@ from .logging import (
    satellite_logger,
    iridium_logger,
 )
+from .validation import (
+    escape_html,
+    validate_latitude,
+    validate_longitude,
+    validate_frequency,
+    validate_device_index,
+    validate_gain,
+    validate_ppm,
+    validate_hours,
+    validate_elevation,
+    validate_wifi_channel,
+    validate_mac_address,
+    validate_positive_int,
+    sanitize_callsign,
+    sanitize_ssid,
+    sanitize_device_name,
+)
+from .sse import sse_stream, format_sse, clear_queue
+from .cleanup import DataStore, CleanupManager, cleanup_manager, cleanup_dict