Open
Conversation
Adds app.py (Flask backend with SSE streaming) and templates/index.html (minimal frontend) so users can delete Onfleet entities interactively via a browser instead of editing the script directly. - Dropdown for entity type (workers, tasks, admins, teams, webhooks) - Textarea for IDs (one per line) with validation for empty input - Streams per-ID results live as they complete; errors are caught and logged without stopping the remaining deletions - Final summary shows total success/failure counts https://claude.ai/code/session_01SDM9Xc97MTzbjaUVwHd2Pc
- All fields now show inline red error messages and a red border when invalid; errors clear as soon as the user starts correcting the field - Entity dropdown now has a blank default option so it can be validated - Custom modal replaces the browser's confirm() dialog with a warning message: "you cannot recover anything back", showing the count and entity type before the user commits https://claude.ai/code/session_01SDM9Xc97MTzbjaUVwHd2Pc
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
- requirements.txt lists flask and requests for one-command install - README updated with full local setup instructions, UI usage guide, disclaimer, file overview, and related resources consistent with the rest of the repo's style https://claude.ai/code/session_01SDM9Xc97MTzbjaUVwHd2Pc
Server-side: wrap user-provided entity value in html.escape() before embedding in the error message string (app.py line 29). Client-side: replace innerHTML with explicit DOM construction using textContent for the server error display, so any unescaped content from the response is never interpreted as HTML. https://claude.ai/code/session_01SDM9Xc97MTzbjaUVwHd2Pc
Hardcoded debug=True exposed the Werkzeug interactive debugger to anyone who could reach the server, allowing arbitrary code execution. Debug is now off unless FLASK_DEBUG=1 is explicitly set in the environment. README updated with instructions for toggling it and a warning not to enable it on shared or internet-facing machines. https://claude.ai/code/session_01SDM9Xc97MTzbjaUVwHd2Pc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.