fix(web): restrict browser CORS origins #150

Open
leemeo3 wants to merge 1 commit into tickernelz:main from leemeo3:fix/web-api-cors-origin-gate

@leemeo3 leemeo3 commented Jul 2, 2026

Summary

Refs #135.

This tightens the local web API's browser CORS policy so JSON API responses no longer advertise Access-Control-Allow-Origin: *. Browser requests with an Origin header are now limited to loopback origins (localhost, 127.0.0.1, [::1]), and non-loopback origins receive a 403 response without CORS allow headers.

Why

The web UI/API is a local developer tool, but the previous wildcard CORS response allowed arbitrary websites visited in the same browser to make credentialless cross-origin requests to the local memory API. This PR keeps non-browser/local tool requests working while preventing random web origins from reading or mutating local memories through CORS.

Scope

  • Adds a small shared CORS helper for the web server paths.
  • Applies the same Origin gate to web-server.ts and the worker implementation.
  • Handles preflight requests explicitly for allowed loopback origins.
  • Adds regression coverage for allowed loopback origins, blocked external origins, and rejected responses without CORS allow headers.

This intentionally does not close #135 because that issue also tracks other security items, including auth and persistent prompt-injection hardening.

Validation

  • npx bun test tests/web-server-cors.test.ts
  • npx bun run typecheck
  • npx bun run build
  • npx bun test — 161 pass, 0 fail

AI assistance disclosure: this PR was prepared with Codex assistance and reviewed before submission.

@leemeo3 leemeo3 marked this pull request as ready for review July 2, 2026 05:39
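
An illustration of the Origin gate described in the PR summary above, added here as an example and not taken from the PR's diff or the project's code. The function names and the allowed method and header lists are assumptions.

```typescript
// Added example; not the project's code. All names here are hypothetical.
type CorsDecision = { status: number | null; headers: Record<string, string> };

const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Returns the normalized origin when the Origin header names an http(s)
// loopback host, otherwise null. The hostname is compared exactly: a prefix
// or substring test would accept hosts like localhost.attacker.example.
function loopbackOrigin(header: string): string | null {
  let url: URL;
  try {
    url = new URL(header);
  } catch (_err) {
    return null; // unparseable values, including the opaque origin "null"
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  return LOOPBACK_HOSTS.has(url.hostname) ? url.origin : null;
}

// status === null means "continue to the route handler and attach headers".
function gateCors(method: string, origin: string | null): CorsDecision {
  // No Origin header: curl, scripts and other non-browser local tools.
  if (origin === null) return { status: null, headers: {} };

  const allowed = loopbackOrigin(origin);
  // Rejected origins get a bare 403 with no Access-Control-* headers, so the
  // browser never exposes the response to the calling page.
  if (allowed === null) return { status: 403, headers: {} };

  // Echo the specific origin instead of "*", and tell caches it varies.
  const headers: Record<string, string> = {
    "Access-Control-Allow-Origin": allowed,
    "Vary": "Origin",
  };
  if (method === "OPTIONS") {
    // Assumed method and header lists; the PR text does not state them.
    headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS";
    headers["Access-Control-Allow-Headers"] = "Content-Type";
    return { status: 204, headers };
  }
  return { status: null, headers };
}
```

Returning the 403 before routing matters for writes: simple cross-origin requests are sent without a preflight, so omitting the allow headers alone would hide the response from the page but still run the handler.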
Development

Successfully merging this pull request may close these issues.

Security: XSS, no-auth CORS, and persistent prompt injection via stored memories