fix: prevent user ID spoofing by stripping client-supplied 'g' header in withMobileAuth#1927

Open

MehranKhn wants to merge 2 commits into

code100x:mainfrom

MehranKhn:fix/mobile-auth-validation

Commits on May 22, 2026

fix: breadcrumb z-index to prevent completion mark overlapping sticky header
MehranKhn
committed
fix: strip client-supplied 'g' header in withMobileAuth to prevent identity spoofing
MehranKhn
committed