sisudoc-spine/org/in_zip_pod.org, branch main SiSU Spine: document publishing and search (in D) 2015 org headers rearranged (& odd hilighting issue) 2026-05-04T16:12:12+00:00 Ralph Amissah ralph.amissah@gmail.com 2026-05-04T15:46:57+00:00 c81bb010f45b732f97d7fbecd812ecae28f2be7d - odd hilighting issue ... must result from my org config, but "fix" makes things easier for me. 
- odd hilighting issue ... must result from my org config, but "fix"
  makes things easier for me.
spine may be run against a zipped spine-pod url 2026-04-13T20:55:02+00:00 Ralph Amissah ralph.amissah@gmail.com 2026-04-13T20:32:08+00:00 c28f9e360110cd797d47d57cb29d4e4498fb1e0b - claude contributed src - processes zip from url using (system installed) curl for download 
- claude contributed src
  - processes zip from url using (system
    installed) curl for download
spine may be run against a document-markup zip pod 2026-04-13T20:25:56+00:00 Ralph Amissah ralph.amissah@gmail.com 2026-04-13T19:33:07+00:00 d0ac448e6425c9e4246cd529aeb11643dce8093f - claude contributed src - Opens the zip with std.zip.ZipArchive (reads the whole file into memory) - Locates pod.manifest inside the archive to discover document paths and languages - Extracts markup files (.sst/.ssm/.ssi) as in-memory strings - Extracts images as in-memory byte arrays - Extracts conf/dr_document_make if present - Presents these to the existing pipeline as if they were read from the filesystem - Some security mitigations: - Zip Slip / Path Traversal: Reject entries containing `..` or starting with `/`; canonicalize resolved paths and verify they fall within extraction root - Zip Bomb: Check `ArchiveMember.size` before extracting; enforce per-file (50MB) and total size limits (500MB) - Entry Count: Limit number of entries (a pod should have at most ~100 files) - Path depth: limit (Maximum 10 path components). - Symlinks: Verify no symlinks in extracted content before processing (post-extraction recursive scan) - Filename Validation: Only allow expected characters; reject null bytes - Malformed Zips: Catch `ZipException` from `std.zip.ZipArchive` constructor - Cleanup on error 
- claude contributed src
  - Opens the zip with std.zip.ZipArchive (reads the whole file into
    memory)
  - Locates pod.manifest inside the archive to discover document paths
    and languages
  - Extracts markup files (.sst/.ssm/.ssi) as in-memory strings
  - Extracts images as in-memory byte arrays
  - Extracts conf/dr_document_make if present
  - Presents these to the existing pipeline as if they were read from
    the filesystem
  - Some security mitigations:
    - Zip Slip / Path Traversal: Reject entries containing `..` or
      starting with `/`; canonicalize resolved paths and verify they
      fall within extraction root
    - Zip Bomb: Check `ArchiveMember.size` before extracting; enforce
      per-file (50MB) and total size limits (500MB)
    - Entry Count: Limit number of entries (a pod should have at most
      ~100 files)
    - Path depth: limit (Maximum 10 path components).
    - Symlinks: Verify no symlinks in extracted content before
      processing (post-extraction recursive scan)
    - Filename Validation: Only allow expected characters; reject null
      bytes
    - Malformed Zips: Catch `ZipException` from `std.zip.ZipArchive`
      constructor
    - Cleanup on error