
WebSocket/SSE origin verification #3

Closed
mabry1985 wants to merge 1 commit into dev from feature/websocket/sse-origin-verification

@mabry1985 mabry1985 commented Apr 19, 2026

Summary

Verify origins on websocket and SSE connections to the A2A streaming endpoint.

Problem

Anyone who can reach the A2A endpoint can open an SSE connection and drain another session's events if they know or guess the task ID. OpenClaw had the same class of bug — no origin verification. A2A spec leaves this to implementations.

Approach

  • Read A2A_ALLOWED_ORIGINS env (comma-separated) at startup; default empty (allow all, with WARNING log)
  • When set: reject SSE/WebSocket requests whose `Ori...

Recovered automatically by Automaker post-agent hook

Summary by CodeRabbit

  • New Features

    • Added origin verification for A2A streaming endpoints to enhance security controls.
  • Documentation

    • Added A2A security environment variables documentation for authentication token and origin allowlisting configuration.
  • Tests

    • Added comprehensive test coverage for origin verification functionality.

@mabry1985 (Contributor, Author)

This PR has merge conflicts with the base branch and cannot be auto-merged.

Closing and re-queuing the feature to backlog so it will be re-cut from the current base branch on the next auto-mode cycle.

@mabry1985 mabry1985 closed this Apr 19, 2026

coderabbitai Bot commented Apr 19, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 38955520-3a3f-4cea-b0a6-275f131a0fe8

📥 Commits

Reviewing files that changed from the base of the PR and between b89e30f and 832d551.

📒 Files selected for processing (4)
  • .automaker-lock
  • a2a_handler.py
  • docs/reference/environment-variables.md
  • tests/test_a2a_handler.py

Walkthrough

Added origin-header verification for A2A streaming endpoints. The implementation reads A2A_ALLOWED_ORIGINS at route registration time, validates Origin headers against the allowlist, and rejects disallowed origins with HTTP 403. Documentation and comprehensive test coverage were added.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Origin Verification Implementation (a2a_handler.py) | Added _check_origin(request) function with environment-driven allowlist logic. Integrated checks into JSON-RPC (message/stream, tasks/resubscribe) and REST (/message:stream, GET /tasks/{task_id}:subscribe) streaming endpoints; raises HTTPException(403) for disallowed origins while allowing requests missing Origin header. |
| Documentation (docs/reference/environment-variables.md) | Added "A2A security" subsection documenting A2A_AUTH_TOKEN and A2A_ALLOWED_ORIGINS environment variables, including wildcard support, case-insensitive comparison, and default warning behaviors. |
| Test Coverage (tests/test_a2a_handler.py) | Added comprehensive "Origin verification" test suite covering disallowed origins (HTTP 403), allowed requests without Origin header, empty-string rejection, wildcard permissiveness, and startup warning validation for unset environment variables. |
| Configuration (.automaker-lock) | Updated feature ID and timestamp fields. |

Sequence Diagram

sequenceDiagram
    participant Client
    participant Handler as A2A Handler
    participant OriginCheck as Origin Checker
    participant Response as Response Handler

    Client->>Handler: POST /a2a (message/stream)<br/>with Origin header
    Handler->>OriginCheck: _check_origin(request)
    alt Origin in A2A_ALLOWED_ORIGINS
        OriginCheck->>Handler: Allow
        Handler->>Response: Create StreamingResponse
        Response->>Client: HTTP 200 + Stream
    else Origin not in allowlist
        OriginCheck->>Handler: HTTPException(403)
        Handler->>Response: Return JSONResponse(403)
        Response->>Client: HTTP 403 + Error detail
    else No Origin header
        OriginCheck->>Handler: Allow (skip check)
        Handler->>Response: Create StreamingResponse
        Response->>Client: HTTP 200 + Stream
    end

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Comment @coderabbitai help to get the list of available commands and usage tips.
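
The allowlist behaviour described in the PR summary and the walkthrough above, as an added Python example; it is not the PR's `_check_origin` and not code from this repository. The names `parse_allowed_origins`, `origin_status` and `run_samples`, the logger name, the reading of `*` as an allow-all entry, exact matching after lowercasing, and the sample origins are all assumptions made for illustration.

```python
import logging
from typing import Mapping, Optional

log = logging.getLogger("a2a.origin")  # hypothetical logger name


def _normalize(origin: str) -> str:
    # Case-insensitive comparison, as the PR's documentation describes.
    return origin.strip().lower()


def parse_allowed_origins(raw: Optional[str]) -> Optional[frozenset]:
    """Parse the comma-separated A2A_ALLOWED_ORIGINS value.

    Returns None when nothing is configured, which means "allow all".
    """
    entries = frozenset(_normalize(p) for p in (raw or "").split(",") if p.strip())
    if not entries:
        log.warning("A2A_ALLOWED_ORIGINS is not set: any origin may open a stream")
        return None
    return entries


def origin_status(headers: Mapping[str, str], allowed: Optional[frozenset]) -> int:
    """Return the status a streaming route should answer with: 200 or 403."""
    if allowed is None or "*" in allowed:  # assumption: "*" is the wildcard entry
        return 200
    # HTTP header names are case-insensitive.
    origin = next((v for k, v in headers.items() if k.lower() == "origin"), None)
    if origin is None:
        # Non-browser clients send no Origin header and pass this check, so the
        # allowlist complements token authentication rather than replacing it.
        return 200
    # Exact match only: an empty Origin, "null", or a look-alike host that merely
    # starts with an allowed origin is rejected.
    return 200 if _normalize(origin) in allowed else 403


# Constructed sample configuration and requests (not taken from the PR).
SAMPLE_ALLOWLIST = " https://App.Example.com , https://console.example.org"
SAMPLE_REQUESTS = [
    {"Origin": "https://app.example.com"},
    {"origin": "HTTPS://CONSOLE.EXAMPLE.ORG"},
    {},
    {"Origin": ""},
    {"Origin": "https://app.example.com.other.example"},
]


def run_samples() -> list:
    allowed = parse_allowed_origins(SAMPLE_ALLOWLIST)
    return [origin_status(h, allowed) for h in SAMPLE_REQUESTS]


if __name__ == "__main__":
    for headers, status in zip(SAMPLE_REQUESTS, run_samples()):
        print(headers, "->", status)
```
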

mabry1985 pushed a commit that referenced this pull request Apr 20, 2026
Addresses bug #3 from v0.2.0 smoke test: MemoryMiddleware was silently
skipped when knowledge: false (the default config), so session memory
never worked out of the box.

- graph/agent.py: drop `and knowledge_store` from activation guard — memory
  middleware now activates whenever memory: true, regardless of knowledge store
- graph/middleware/memory.py: knowledge_store is now optional (default None);
  guard knowledge-extraction block when store is None; add standalone
  prior_sessions injection via before_model when running without
  KnowledgeMiddleware (no double-injection: only fires when self._store is None)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
mabry1985 added a commit that referenced this pull request Apr 20, 2026
Addresses bug #3 from v0.2.0 smoke test: MemoryMiddleware was silently
skipped when knowledge: false (the default config), so session memory
never worked out of the box.

- graph/agent.py: drop `and knowledge_store` from activation guard — memory
  middleware now activates whenever memory: true, regardless of knowledge store
- graph/middleware/memory.py: knowledge_store is now optional (default None);
  guard knowledge-extraction block when store is None; add standalone
  prior_sessions injection via before_model when running without
  KnowledgeMiddleware (no double-injection: only fires when self._store is None)

Co-authored-by: Ava <ava@protolabs.ai>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>