Specifications Index
Last Verified: 2026-02-17 | Owner: John
BasicFakta — Specifications Index
Frontend Code
- Repository: GitHub (HTTPS auth, gh CLI token)
- Main branch: Auto-deploys to basicfakta.no via Vercel
- Framework: Modern web stack (details in repo)
Backend API
- Hosting: Separate external API at basicfakta.no
- Source code: Not in repo (blocks accuracy improvements)
- Algorithm: Proprietary fake news detection
- Status: Access required for further development
Security Specifications
Implemented (2026-02)
- XSS prevention via input sanitization
- Rate limiting with authentication
- API key sanitization
- Security headers (vercel.json)
Pending
- Backend security audit (requires backend access)
- Penetration testing (scheduled TBD)
Accessibility Specifications
WCAG 2.1 Compliance
- Screen reader support
- Keyboard navigation
- Mobile touch targets (44x44px minimum)
- Color contrast ratios
- Loading state announcements
Testing Specifications
Current Status
- 42/65 tests passing (64.6% pass rate)
- 23 tests failing — factScore > 30 for known fake news sources
Test Categories
- URL extraction tests
- Fact scoring accuracy tests
- XSS prevention tests
- Rate limiting tests
- API integration tests
Blockers
- Backend algorithm not accessible
- Cannot tune scoring thresholds
- Cannot improve detection accuracy
Audit Reports
2026-02 Audit (13 items)
Critical:
- url-extractor.js (CREATED)
- XSS fix (FIXED)
- Rate limit bypass (FIXED)
- API key sanitization (FIXED)
Medium:
- Security headers (ADDED)
- Email validation (IMPROVED)
- SEO meta tags (ADDED)
- WCAG accessibility (IMPLEMENTED)
- Mobile UX (IMPROVED)
- Share results (ADDED)
- Loading states (IMPROVED)
Deployment: Commit ce800c2, Vercel auto-deployed
Dependencies
Required from Alem
- Backend source code — For algorithm improvements (task #100)
- IMAP credentials — For email monitoring (task #79)
- Test data — Known fake news URLs for accuracy testing
External Services
- Vercel (hosting)
- GitHub (version control)
- basicfakta.no API (backend)