Rauf Akdemir

Results: 44 issues by Rauf Akdemir

## Summary
Eliminates hardcoded shared accounts in production to comply with CASA-22 requirements while maintaining development usability.
## Changes
- **Environment-aware migrations**: Modified database migrations to only grant admin privileges...

## Overview
Fixes [ENG-181](https://linear.app/airweave-main/issue/ENG-181/casa-41-fix-xss-vulnerability-in-frontend-innerhtml-usage) - Replaced all 12 instances of unsafe `.innerHTML` assignments with secure DOM manipulation to prevent XSS attacks.
## Security Impact
✅ **Eliminates XSS vulnerability**: Even if...

## Summary
Fixes timing attack vulnerabilities in API key and OAuth1 token validation by replacing plain string comparisons with constant-time comparison functions.
## Changes
- **API Key Validation** (`crud_api_key.py`): Use...

## Summary
This PR addresses **CASA-11** security requirement by removing API keys from URL query parameters in all Donke API calls.
## Changes
Updated 3 Donke API calls to use...