Skip to content

Security: feedback/inbox.jsonl and feedback/lastseen.json are HTTP-readable #4

Description

@companygardener

Summary

lib/server.py serves the entire artifact directory via SimpleHTTPRequestHandler, including the feedback/ subdirectory. The in-page library only needs feedback/history.json (which it polls to detect new walkthroughs); inbox.jsonl (full comment stream) and lastseen.json (per-session bookkeeping) are agent-side state that browser/HTTP clients should not be able to read.

Today, GET /feedback/inbox.jsonl returns the entire comment history with 200 OK.

Impact

Suggested fix

In do_GET, block any path under /feedback/ except history.json. Important: normalize the path first (posixpath.normpath(unquote(path))) so the check isn't bypassed by:

  • Dot segments: /./feedback/inbox.jsonl, /x/../feedback/inbox.jsonl
  • Double slashes: /feedback//inbox.jsonl
  • Percent-encoding: /%66eedback/inbox.jsonl

All four of these resolve to the same file in SimpleHTTPRequestHandler.translate_path, but a naive exact-string check on the raw URL path would let them through.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions