derivado de LengKundee/MQL5-Google-Onedrive

google-labs-jules[bot] e9918dcb22 docs: update Cloudflare nameservers and unify domain name

- Added daisy.ns.cloudflare.com and rocco.ns.cloudflare.com to Cloudflare guide.
- Unified domain name to lengkundee01.org in CNAME and PWA guide.
- Verified active domain using dig.
- Updated sentinel journal with documentation learnings.

2026-02-13 04:11:32 +00:00

972 B

Em bruto Ligação permanente Responsabilidade Histórico

Sentinel's Journal

Name: MQL5 Algo Forge
Brand: MQL5

2026-02-07 - Telegram Bot Authorization Bypass

Vulnerability: The Telegram Deployment Bot (scripts/telegram_deploy_bot.py) contained a "Fail Open" vulnerability where omitting the TELEGRAM_ALLOWED_USER_IDS environment variable resulted in granting access to all Telegram users instead of none. Learning: Security controls must default to deny (Fail Closed). Implicitly allowing access when configuration is missing creates silent vulnerabilities that are hard to detect until exploited. Prevention: Ensure all authorization checks explicitly return False or throw an exception if the access control list is empty or undefined. Never default to True in security-critical paths.

2026-02-13 - [Documentation] Cloudflare Nameservers and Domain Unification

Updated Cloudflare nameservers to daisy.ns.cloudflare.com and rocco.ns.cloudflare.com.
Unified domain name to lengkundee01.org across CNAME and PWA documentation.

972 B Em bruto Ligação permanente Responsabilidade Histórico

Sentinel's Journal

2026-02-07 - Telegram Bot Authorization Bypass

2026-02-13 - [Documentation] Cloudflare Nameservers and Domain Unification

972 B

Em bruto Ligação permanente Responsabilidade Histórico