Security audit: fix IDOR, add rate limiting, HMAC auth, token hashing, XSS sanitization

Critical: Add ownership checks to all order routes (IDOR fix).
High: Redis rate limiting on auth endpoints, HMAC-signed internal
service calls replacing header-presence-only checks, nh3 HTML
sanitization on ghost_sync and product import, internal auth on
market API endpoints, SHA-256 hashed OAuth grant/code tokens.
Medium: SECRET_KEY production guard, AP signature enforcement,
is_admin param removal, cart_sid validation, SSRF protection on
remote actor fetch.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 13:30:27 +00:00
parent 404449fcab
commit c015f3f02f
27 changed files with 607 additions and 33 deletions


@@ -328,9 +328,10 @@ def create_activitypub_blueprint(app_name: str) -> Blueprint:
if not sig_valid:
log.warning(
"Unverified inbox POST from %s (%s) on %saccepting anyway for now",
"Unverified inbox POST from %s (%s) on %srejecting",
from_actor_url, activity_type, domain,
)
abort(401, "Invalid or missing HTTP signature")
# Load actor row for DB operations
actor_row = (
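Review bot: the new log format string "Unverified inbox POST from %s (%s) on %srejecting" has no separator between the `%s` that receives `domain` and the word `rejecting`, so the rendered line reads like `on example.orgrejecting`; the line it replaces had the same defect with `accepting`. Suggest `"Unverified inbox POST from %s (%s) on %s: rejecting"` so the domain and the decision are distinguishable when triaging rejected deliveries. The `abort(401, "Invalid or missing HTTP signature")` directly after the warning is what turns the previous log-and-continue into an actual rejection, and logging the unverified `from_actor_url` and `activity_type` before aborting is useful for spotting spoofed-sender attempts, so keep that ordering; just fix the message spacing.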