From 6d9a9d65a649b2a2d8688a4e5c754d77dd41fe89 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 19 Apr 2026 04:50:08 +0000
Subject: [PATCH] security: enforce pre-parse payload limit and stronger api key diversity

Agent-Logs-Url: https://github.com/Stalin-143/Keylogger/sessions/cef34b0e-605b-4ab9-8da6-2559d1dd4529
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
---
 src/server.py | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/src/server.py b/src/server.py
index d57706e..dc314e6 100644
--- a/src/server.py
+++ b/src/server.py
@@ -25,12 +25,6 @@ BANNER = r"""
 Github: https://github.com/Stalin-143
 """
-app = Flask(__name__)
-
-# Set a secure secret key for session management
-app.secret_key = os.getenv('FLASK_SECRET_KEY', secrets.token_hex(32))
-
-# Global configuration
 CONFIG = {
 'log_file_path': 'logs/keylog.txt',
 'username': 'admin',
@@ -42,6 +36,12 @@ MIN_PASSWORD_LENGTH = 12
 MIN_API_KEY_LENGTH = 24
 MIN_API_KEY_UNIQUE_CHARS = 8
+app = Flask(__name__)
+app.config['MAX_CONTENT_LENGTH'] = MAX_LOG_PAYLOAD_BYTES
+
+# Set a secure secret key for session management
+app.secret_key = os.getenv('FLASK_SECRET_KEY', secrets.token_hex(32))
+
 def check_auth(username, password):
 """
@@ -135,6 +135,12 @@ def has_sufficient_key_entropy(value):
 return False
 if len(set(value)) < MIN_API_KEY_UNIQUE_CHARS:
 return False
+ has_upper = any(char.isupper() for char in value)
+ has_lower = any(char.islower() for char in value)
+ has_digit = any(char.isdigit() for char in value)
+ has_special = any(char in string.punctuation for char in value)
+ if sum([has_upper, has_lower, has_digit, has_special]) < 3:
+ return False
 return True
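Review bot: In the `@@ -42,6 +36,12 @@` hunk, `app.config['MAX_CONTENT_LENGTH'] = MAX_LOG_PAYLOAD_BYTES` caps the request body of every route, not only the log-ingest endpoint, and the line carries no comment saying so. `MAX_LOG_PAYLOAD_BYTES` is defined outside the visible hunks, so this assumes it is assigned above this point in the module. Flask answers an oversized request with 413 only once the handler reads the body, and how a body sent without a `Content-Length` header is limited depends on the Werkzeug version, so any length check inside the handler should stay as a second line of defence. I would add `# Reject oversized bodies with 413 before parsing; applies to all routes` above the assignment. Separately, the `secrets.token_hex(32)` fallback for `app.secret_key` yields a different key per process, so sessions break across restarts and across multiple workers when `FLASK_SECRET_KEY` is unset.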
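Review bot: The three-of-four character-class rule added at the end of `has_sufficient_key_entropy` (the `@@ -135,6 +135,12 @@` hunk) measures composition rather than entropy, so a randomly generated key drawn from a single alphabet is rejected: the output of `secrets.token_hex(32)` contains only lowercase letters and digits and fails the `< 3` test. The function's docstring or a comment (the start of the function is outside this hunk) should state the rule, for example `Requires at least three of: uppercase, lowercase, digit, punctuation; generate keys with secrets.token_urlsafe()`. The new code also uses `string.punctuation` and no `import string` appears in this patch, so confirm the module is already imported in `src/server.py`, otherwise the check raises `NameError` the first time a key reaches it. As a matter of style, `sum((has_upper, has_lower, has_digit, has_special))` avoids the temporary list.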