Skip to content

[S6PD-145] Plugin routes security review#450

Merged
szhalba-sm merged 17 commits into
rc-2.0.8from
feature/S6PD-145-plugin-security-review
Jul 2, 2026
Merged

[S6PD-145] Plugin routes security review#450
szhalba-sm merged 17 commits into
rc-2.0.8from
feature/S6PD-145-plugin-security-review

Conversation

@szhalba-sm

Copy link
Copy Markdown
Contributor

No description provided.

Stas Zhalba and others added 17 commits May 18, 2026 12:23
…endpoint

Implement transactionId validation, action name whitelist, audit logging, and generic error messages to prevent information disclosure and invalid action injection.
…6PD-146-security-review-api-config

# Conflicts:
#	src/Resources/app/administration/src/module/paynl-settings/snippet/de-DE.json
#	src/Resources/app/administration/src/module/paynl-settings/snippet/en-GB.json
#	src/Resources/app/administration/src/module/paynl-settings/snippet/nl-NL.json
…pi-config

[S6PD-146] Secure install, terminals, and test-api-keys endpoints
…-review' into feature/S6PD-145-plugin-security-review
…into feature/S6PD-145-plugin-security-review
# Conflicts:
#	src/Controller/Storefront/Payment/PaymentController.php
@szhalba-sm szhalba-sm merged commit 40a2e5b into rc-2.0.8 Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants