Skip to content

Page Quality Audit 1.3.0

Latest

Choose a tag to compare

@smonier smonier released this 09 Jul 17:31

Security release. Hardens the optional AI review endpoint against abuse of the operator's LLM key. Fixes #16 (external security review, PR #17 by @julian-maurel). No functional change to auditing.

Security

  • Authorization - the AI review is bound to a page the caller can read (jcr:read); unreadable or missing paths return 403. Closes the "any authenticated user or Personal API Token drives unlimited LLM calls billed to the operator's key" abuse.
  • Rate limiting - per-user sliding window of 30 reviews / 10 minutes (429 beyond).
  • Unauthenticated disclosure - the status GET now requires a non-guest user; provider/model are no longer readable anonymously.
  • CSRF - POST requires Content-Type: application/json (415 otherwise) and rejects cross-origin browser requests (Origin/Referer host check).
  • Error disclosure - provider/exception detail is logged server-side only; the client gets a generic message.
  • Link checker - only same-origin links on a read-only content-serving allowlist (/cms/render, /cms/file, /files) are verified with the editor session; all other same-origin links are counted but never fetched.

All findings verified live on Jahia 8.2.3.0 (unauth GET → 403, unreadable-path POST → 403, text/plain → 415, cross-origin → 403, 32 concurrent POSTs → exactly 30 processed then 429, legitimate editor review unchanged).

Install

Deploy page-audit-1.3.0.jar via the Jahia module manager (Jahia 8.2+), enable the module on the target site(s). Optional AI review requires org.jahia.se.modules.pageaudit.cfg (provider, model, API key).

See CHANGELOG.md for full history.