Pre-launch security: entity image-page host-allowlist (F-1) + prototype-path guard (F-2)#66
Merged
Merged
Conversation
…rd (F-2) F-1: Route entity.image_path through _resolveEntityImageSrc in journal-sync.mjs, mirroring the validated path map-sync._mapImageSrc already uses. Full http(s) URLs are gated on _isAllowedImageHost (scheme+hostname must match apiUrl); mismatches drop to empty src + _describeRejection warn. Relative /media/ paths are prefixed with apiUrl. Closes the entity-journal IP/referer exfil class identical to PR #56. F-2: Add PROTO_BLOCKED guard to _setNestedValue in actor-sync.mjs, rejecting __proto__, prototype, and constructor path segments before any object traversal. CI pins: extend tools/test-url-validation.mjs with static-source assertions for journal-sync.mjs (import + no bare entity.image_path sink + _resolveEntityImageSrc body check) and behavioral unit tests for the F-2 prototype guard. All 32 node --test checks green. Docs: mark PLAN.md superseded by current JournalEntry/MapViewerSheet architecture; mark API.md superseded by API-CONTRACT.md. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Y14Y6VXb7iB2xcNrYNDJa5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cites: 2026-05-21-core-tenets §T-B1 (security first)
Security implication: closes F-1 — the entity image-page
srcbypassed the image host-allowlist (same IP/referer exfil class as #56), + F-2 prototype-path guard.What this changes
journal-sync.mjsnow routes the entity Image journal-pagesrcthrough the same host-allowlist (_isAllowedImageHost+ apiUrl prefixing) thatmap-syncalready uses — a tamperedentity.image_pathcan no longer make a player fetch from an attacker host. + a CI pin so a new image sink can't silently regress it.actor-sync._setNestedValuerejects__proto__/prototype/constructorpath segments (prototype-pollution guard on the manifest-driven adapter).PLAN.md+API.mdmarked superseded.Why
Pre-launch Foundry-module security audit — F-1 was the one real gap (the host-allowlist #56 established everywhere else, missed on the entity-journal path).
Test plan
node --test tools/test-url-validation.mjs— 32/32 (20 existing + 12 new)🤖 Generated with Claude Code
https://claude.ai/code/session_01Y14Y6VXb7iB2xcNrYNDJa5
Generated by Claude Code