From 2d2ccd10911291061d23bcdf9b56855590477494 Mon Sep 17 00:00:00 2001 From: anishamahuli Date: Mon, 16 Feb 2026 16:33:54 -0500 Subject: [PATCH 1/4] Fix duplicate healthcheck key for db service build --- docker-compose.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 9182cdb6..7a6e7fe9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,11 +18,6 @@ services: networks: app_net: ipv4_address: 192.168.0.2 - healthcheck: - test: ["CMD-SHELL", "pg_isready -U balancer -d balancer_dev"] - interval: 5s - timeout: 5s - retries: 5 pgadmin: image: dpage/pgadmin4 From 01ccf9ab0995645e0ad0c0782eb9bc5efb6ed595 Mon Sep 17 00:00:00 2001 From: Akhil Bolla <129509874+AkhilRB0204@users.noreply.github.com> Date: Mon, 16 Feb 2026 22:01:40 -0500 Subject: [PATCH 2/4] Enhance input sanitization and normalize pronouns Updated the sanitizer function to improve input sanitization by removing style tags, normalizing pronouns, and increasing the maximum length limit. --- server/api/views/assistant/sanitizer.py | 62 ++++++++++++++++++++++--- 1 file changed, 56 insertions(+), 6 deletions(-) diff --git a/server/api/views/assistant/sanitizer.py b/server/api/views/assistant/sanitizer.py index bdbbc77f..fd851df6 100644 --- a/server/api/views/assistant/sanitizer.py +++ b/server/api/views/assistant/sanitizer.py 
@@ -1,26 +1,76 @@ import re import logging + logger = logging.getLogger(__name__) def sanitize_input(user_input:str) -> str: """ Sanitize user input to prevent injection attacks and remove unwanted characters. + Args: user_input (str): The raw input string from the user. + Returns: str: The sanitized input string. """ try: - # Remove any script tags - sanitized = re.sub(r'.*?', '', user_input, flags=re.IGNORECASE) - # Remove any HTML tags + sanitized = user_input + + # Remove any style tags + sanitized = re.sub(r'.*?', '', sanitized, flags=re.IGNORECASE) + + # Remove any HTML/script tags sanitized = re.sub(r'<.*?>', '', sanitized) + + # Remove Phone Numbers + sanitized = re.sub(r'\+?\d[\d -]{8,}\d', '[Phone Number]', sanitized) + + # Remove Email Addresses + sanitized = re.sub(r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}', '[Email Address]', sanitized) + + # Remove Medical Record Numbers (simple pattern) + sanitized = re.sub(r'\bMRN[:\s]*\d+\b', '[Medical Record Number]', sanitized, flags=re.IGNORECASE) + + # Normalize pronouns + sanitized = normalize_pronouns(sanitized) + # Escape special characters - sanitized = re.sub(r'["\'\\]', '', sanitized) + sanitized = re.sub(r'\s+', '', sanitized) + # Limit length to prevent buffer overflow attacks - max_length = 1000 + max_length = 5000 if len(sanitized) > max_length: sanitized = sanitized[:max_length] + return sanitized.strip() except Exception as e: logger.error(f"Error sanitizing input: {e}") - return "" \ No newline at end of file + return "" + +def normalize_pronouns(text:str) -> str: + """ + Normalize first and second person pronouns to third person clinical language. + + Converts patient centric pronouns to a more neutral form. + Args: + text (str): The input text containing pronouns. + Returns: + str: The text with normalized pronouns. 
+ """ + # Normalize first person possessives: I, me, my, mine -> the patient + text = re.sub(r'\bMy\b', 'The patient\'s', text) + text = re.sub(r'\bmy\b', 'the patient\'s', text) + + # First person subject: I -> the patient + text = re.sub(r'\bI\b', 'the patient', text) + + # First person object: me -> the patient + text = re.sub(r'\bme\b', 'the patient', text) + + # First person reflexive: myself -> the patient + text = re.sub(r'\bmyself\b', 'the patient', text) + + # Second person: you, your -> the clinician + text = re.sub(r'\bYour\b', 'the clinician', text) + return text + + From b08152f94a079b24681e79203476dcbbbdcb0d83 Mon Sep 17 00:00:00 2001 From: anishamahuli Date: Wed, 18 Feb 2026 14:18:12 -0500 Subject: [PATCH 3/4] fix: changed link to direct to balancer github page --- frontend/src/components/Footer/Footer.tsx | 2 +- frontend/src/components/Header/Header.tsx | 2 +- frontend/src/components/Header/MdNavBar.tsx | 2 +- frontend/src/pages/About/About.tsx | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/frontend/src/components/Footer/Footer.tsx b/frontend/src/components/Footer/Footer.tsx index d656f5ad..2f68ec49 100644 --- a/frontend/src/components/Footer/Footer.tsx +++ b/frontend/src/components/Footer/Footer.tsx @@ -62,7 +62,7 @@ function Footer() { > Leave feedback - diff --git a/frontend/src/components/Header/Header.tsx b/frontend/src/components/Header/Header.tsx index cbbd2c93..a0edc859 100644 --- a/frontend/src/components/Header/Header.tsx +++ b/frontend/src/components/Header/Header.tsx @@ -165,7 +165,7 @@ const Header: React.FC = ({ isAuthenticated, isSuperuser }) => { Leave Feedback diff --git a/frontend/src/components/Header/MdNavBar.tsx b/frontend/src/components/Header/MdNavBar.tsx index 5a8d5bce..00d45f55 100644 --- a/frontend/src/components/Header/MdNavBar.tsx +++ b/frontend/src/components/Header/MdNavBar.tsx @@ -120,7 +120,7 @@ const MdNavBar = (props: LoginFormProps) => {
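Review bot: The line `sanitized = re.sub(r'\s+', '', sanitized)` under `# Escape special characters` deletes every whitespace character, so "my blood pressure" comes out as `thepatient'sbloodpressure` and the trailing `.strip()` then has nothing to do; collapsing runs to one space, `sanitized = re.sub(r'\s+', ' ', sanitized)`, is almost certainly what was meant, and the comment should become `# Collapse runs of whitespace` since the quote/backslash stripping it described was removed in this commit. The docstring still promises to "prevent injection attacks", but after this change the function only strips tag-like text and redacts a few PII patterns and escapes nothing, so callers must still escape at render time rather than treat this output as safe HTML. In normalize_pronouns, `\bI\b` also rewrites the roman numeral in clinical phrases such as "Type I" or "Stage I", and of the second-person forms only the capitalised `Your` is mapped although the comment names `you, your`; either tighten the pronoun rules or document the limitation in the docstring. The broad `except Exception` returning `""` silently discards the user's whole message; `logger.exception("Error sanitizing input")` would at least keep the traceback.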
  • - diff --git a/frontend/src/pages/About/About.tsx b/frontend/src/pages/About/About.tsx index c50f6705..e1c7242e 100644 --- a/frontend/src/pages/About/About.tsx +++ b/frontend/src/pages/About/About.tsx @@ -77,7 +77,7 @@ function About() {
    - + From 530b90a17afa6136e6c9de9abd472794c4058193 Mon Sep 17 00:00:00 2001 From: anishamahuli Date: Mon, 23 Feb 2026 12:19:50 -0500 Subject: [PATCH 4/4] Changed button text from "donate" to "Support Developoment" --- frontend/src/components/Footer/Footer.tsx | 4 ++-- frontend/src/components/Header/Header.tsx | 2 +- frontend/src/components/Header/MdNavBar.tsx | 2 +- frontend/src/pages/About/About.tsx | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/frontend/src/components/Footer/Footer.tsx b/frontend/src/components/Footer/Footer.tsx index 2f68ec49..977c59d4 100644 --- a/frontend/src/components/Footer/Footer.tsx +++ b/frontend/src/components/Footer/Footer.tsx @@ -64,9 +64,9 @@ function Footer() { - Donate + Support Development = ({ isAuthenticated, isSuperuser }) => { target="_blank" className="header-nav-item" > - Donate + Support Development {isAuthenticated && isSuperuser && (
    { target="_blank" className="mr-9 text-black hover:border-b-2 hover:border-blue-600 hover:text-black hover:no-underline" > - Donate + Support Development
  • {isAuthenticated && diff --git a/frontend/src/pages/About/About.tsx b/frontend/src/pages/About/About.tsx index e1c7242e..9481c74d 100644 --- a/frontend/src/pages/About/About.tsx +++ b/frontend/src/pages/About/About.tsx @@ -79,7 +79,7 @@ function About() {