Lesstime

MALIO-DEV/Lesstime

Fork 0

Commit Graph

Author	SHA1	Message	Date
matthieu	a5144443a4	fix(avatar) : address review findings — security and UX fixes - Use getMimeType() instead of getClientMimeType() to prevent MIME spoofing - Change IsGranted to IS_AUTHENTICATED_FULLY so ROLE_CLIENT can access avatars - Remove Groups from avatarFileName (only avatarUrl needed by frontend) - Disable aggressive caching to prevent stale avatar images - Add error handling to avatar upload in profile page - Use i18n for "Mon profil" button text Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 22:02:27 +01:00
matthieu	4d0aa65920	feat(avatar) : add avatar upload/serve/delete controller Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 21:54:23 +01:00

Author

SHA1

Message

Date

matthieu

a5144443a4

fix(avatar) : address review findings — security and UX fixes

- Use getMimeType() instead of getClientMimeType() to prevent MIME spoofing
- Change IsGranted to IS_AUTHENTICATED_FULLY so ROLE_CLIENT can access avatars
- Remove Groups from avatarFileName (only avatarUrl needed by frontend)
- Disable aggressive caching to prevent stale avatar images
- Add error handling to avatar upload in profile page
- Use i18n for "Mon profil" button text

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-15 22:02:27 +01:00

matthieu

4d0aa65920

feat(avatar) : add avatar upload/serve/delete controller

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-15 21:54:23 +01:00

2 Commits