garlic-signage/garlic-hub

Digital Signage Device and Content Management (SMIL compatible)

advertising-screens business cms communication content-management device-management digital-signage display-management dooh iot marketing narrowcasting public-display rest-api scheduling signage-software smil

View on GitHub

1 Open Issue Need Help Last updated: Jun 21, 2025

Open Issues Need Help

View All on GitHub

Some endpoints do not validate CSRF token (e.g., DELETE /async/playlists) 2 months ago

AI Summary: The task is to identify all endpoints in the Garlic-Hub digital signage system that lack CSRF token validation and implement the necessary checks to prevent Cross-Site Request Forgery (CSRF) attacks. This involves reviewing the codebase, specifically focusing on endpoints that modify data, and adding CSRF token validation where missing. The `/async/playlists` DELETE endpoint is a known example requiring attention.

Complexity: 4/5

bug enhancement good first issue

garlic-signage/garlic-hub

Digital Signage Device and Content Management (SMIL compatible)

PHP

#advertising-screens#business#cms#communication#content-management#device-management#digital-signage#display-management#dooh#iot#marketing#narrowcasting#public-display#rest-api#scheduling#signage-software#smil