From ea908aae55b47b7c43be1b238e0bf1e884548cd1 Mon Sep 17 00:00:00 2001 From: Mariusz Banach Date: Wed, 18 Feb 2026 04:26:38 +0100 Subject: [PATCH] MAESTRO: confirm health endpoint response --- .../SpecKit-web-header-analyzer-Phase-08-Security-Operations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Auto Run Docs/SpecKit-web-header-analyzer-Phase-08-Security-Operations.md b/Auto Run Docs/SpecKit-web-header-analyzer-Phase-08-Security-Operations.md index a25100e..ab0ed78 100644 --- a/Auto Run Docs/SpecKit-web-header-analyzer-Phase-08-Security-Operations.md +++ b/Auto Run Docs/SpecKit-web-header-analyzer-Phase-08-Security-Operations.md @@ -42,7 +42,7 @@ This phase protects the analysis service from abuse with per-IP rate limiting an - [x] Exceeding rate limit returns HTTP 429 with Retry-After header and CAPTCHA challenge - [x] Solving CAPTCHA returns HMAC-signed bypass token (5-minute expiry) - [x] Bypass token exempts IP from rate limiting on subsequent requests -- [ ] `GET /api/health` returns `{status, version, uptime, scannerCount}` +- [x] `GET /api/health` returns `{status, version, uptime, scannerCount}` - [x] All routers and CORS middleware are registered in `main.py` - [ ] Application starts statelessly — no database, no session management - [ ] CAPTCHA modal is keyboard accessible (Tab, Enter, Escape to close)