fix: mmtls#37
Merged
Merged
ZeroPath AI / ZeroPath Security Scan
succeeded
May 30, 2026 in 4m 7s
Scan completed
No vulnerabilities found.
Details
✅ No security or compliance issues detected. Reviewed everything up to efc096a.
Security Overview
- 🔎 Scanned files: 7 changed file(s)
- 🔗 Scan Link: https://zeropath.com/app/repositories/faea5099-3f6a-45e4-b253-e8031a570782?scanId=74a6d9fb-a7bd-45cb-b694-92f590d2af73&codeScanTypes=PrScan&tab=issues
Detected Code Changes
| Change Type | Relevant files |
|---|---|
| Bug Fix | CHANGELOG.md Fix WebSocket / protocol-upgrade connections hanging Exclude hosts performing a plain-HTTP protocol upgrade from blind-tunneling Warn when opaque upgrade is seen for non-excluded host privaxy/src/server/proxy/mitm.rs Tunnel HTTP upgrade for excluded hosts privaxy/src/server/proxy/serve.rs Forward upstream's actual response if not 101 Switching Protocols |
| Configuration changes | Dockerfile Add COMPILE_MODE argument to Dockerfile privaxy/src/resources/proxy.pac.tera Add host IP address check for DIRECT rule in PAC file |
| Refactor | filterlists-api/src/lib.rs Simplify filter ID extraction privaxy/src/server/lib.rs Add connect timeout and keepalive to HTTP connector Disable idle pooling for Hyper client privaxy/src/server/proxy/mitm.rs Extract is_opaque_upgrade helper function Implement tunnel_http_upgrade function Implement bridge_http_upgrade function Implement read_past_response_headers function Implement pipe function privaxy/src/server/proxy/serve.rs Add logging for upgrade failures Add logging for upstream upgrade request failures |
Loading