fix: 修复6个bug并接入CodeStable工作流

Bug修复: - GetWorkList 使用了错误的 RecordType (RecordStudy→RecordWork) - AllRecord handler 返回错误的分页信息 (page硬编码1, pageSize用RecordsCount) - CourseParse creditNode nil panic (加nil检查) - WebSocket CheckOrigin 安全漏洞 (release模式限制为同源) - math/rand 可预测 (替换为 crypto/rand) - GetDiscussList 未实现 (补全实现, 移除重复路由) 其他: - 接入 CodeStable 工作流体系 (codestable/ 骨架 + AGENTS.md) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-25 19:55:57 +08:00
parent 83ee4bb5ea
commit 2a6732ffe7
23 changed files with 1561 additions and 23 deletions
--- a/internal/handler/debug_log.go
+++ b/internal/handler/debug_log.go
@@ -16,7 +16,11 @@ import (

 var debugLogUpgrader = websocket.Upgrader{
 	CheckOrigin: func(r *http.Request) bool {
-		return true
+		if conf.IsBuildDebugMode() {
+			return true
+		}
+		origin := r.Header.Get("Origin")
+		return origin == ""
 	},
 }