From b91a58f30afde495c5c628e29bfa10cce283c3eb Mon Sep 17 00:00:00 2001
From: giles
Date: Wed, 25 Feb 2026 03:19:10 +0000
Subject: [PATCH] Exempt internal action/data requests from CSRF protection

Internal service-to-service POSTs (call_action) were blocked by CSRF middleware since they have no session cookie. These requests are already gated by X-Internal-Action/X-Internal-Data headers and only reachable on the Docker overlay network.

Co-Authored-By: Claude Opus 4.6
---
 shared/browser/app/csrf.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/shared/browser/app/csrf.py b/shared/browser/app/csrf.py
index bfd898d..136a8be 100644
--- a/shared/browser/app/csrf.py
+++ b/shared/browser/app/csrf.py
@@ -57,6 +57,11 @@ async def protect() -> None:
     if _is_exempt_endpoint():
         return
 
+    # Internal service-to-service calls are already gated by header checks
+    # and only reachable on the Docker overlay network.
+    if request.headers.get("X-Internal-Action") or request.headers.get("X-Internal-Data"):
+        return
+
     session_token = qsession.get("csrf_token")
     if not session_token:
         abort(400, "Missing CSRF session token")
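Review bot: The new exemption in protect() keys on the mere presence of X-Internal-Action or X-Internal-Data, so a request carrying either header with any non-empty value skips the CSRF check for every endpoint this middleware guards, not only the call_action endpoints named in the commit message; the header validation the comment relies on lives elsewhere and is not visible in this hunk, so the safety of this early return depends on every reachable handler actually performing it. Consider making the exemption self-contained by verifying the header value here rather than its presence, e.g. `if hmac.compare_digest(request.headers.get("X-Internal-Action", ""), expected_internal_token): return` (with `expected_internal_token` a placeholder for the service's configured secret, assuming the header carries one), or by scoping it to the internal routes the same way _is_exempt_endpoint() scopes its exemption. Logging exempted requests at debug level would also make an unexpected caller or a misconfigured overlay network visible in the service logs. protect()'s body continues outside the hunk.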