security: fix critical auth gaps, SSRF, IDOR, and embedding error handling
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 39s

CRITICAL:
- Add auth + admin check to 10 unprotected API routes (test-*, debug/*,
  config, models, fix-labels)
- Add CRON_SECRET bearer auth to /api/cron/reminders (was fully open)
- Add SSRF protection to getOllamaModels (blocks private/internal IPs)

HIGH:
- Fix getAllLabels() missing userId filter (leaked all users' labels)
- Fix /api/labels OR clause leaking other users' labels
- Fix IDOR in toggleAgent/getAgentActions (add ownership check)
- Fix getEmbeddings() returning [] on error in all 5 providers (corrupted
  semantic search with NaN cosine similarity) — now throws instead

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
2026-04-30 21:02:13 +02:00
parent 0a900b3582
commit fa72672aac
20 changed files with 138 additions and 14 deletions

View File

@@ -246,6 +246,13 @@ export async function getAgentActions(agentId: string) {
}
try {
// Verify the agent belongs to the user
const agent = await prisma.agent.findFirst({
where: { id: agentId, userId: session.user.id },
select: { id: true }
})
if (!agent) throw new Error('Agent non trouve')
const actions = await prisma.agentAction.findMany({
where: { agentId },
orderBy: { createdAt: 'desc' },
@@ -276,7 +283,7 @@ export async function toggleAgent(id: string, isEnabled: boolean) {
try {
const agent = await prisma.agent.update({
where: { id },
where: { id, userId: session.user.id },
data: { isEnabled }
})
return { success: true, agent }

View File

@@ -1169,8 +1169,13 @@ export async function updateSize(id: string, size: 'small' | 'medium' | 'large')
// Get all unique labels
export async function getAllLabels() {
const session = await auth();
if (!session?.user?.id) return [];
try {
const notes = await prisma.note.findMany({ select: { labels: true } })
const notes = await prisma.note.findMany({
where: { userId: session.user.id },
select: { labels: true }
})
const labelsSet = new Set<string>()
notes.forEach((note: any) => {
const labels = note.labels ? JSON.parse(note.labels) : null

View File

@@ -26,6 +26,24 @@ export async function getOllamaModels(baseUrl: string): Promise<{ success: boole
// Ensure URL doesn't end with slash
const cleanUrl = baseUrl.replace(/\/$/, '')
// SSRF protection: block internal/private IPs
try {
const parsed = new URL(cleanUrl)
const hostname = parsed.hostname.toLowerCase()
const blockedHosts = ['localhost', '127.0.0.1', '0.0.0.0', '::1', '169.254.169.254']
if (blockedHosts.includes(hostname)) {
return { success: false, models: [], error: 'Private/internal URLs are not allowed' }
}
if (hostname.startsWith('10.') || hostname.startsWith('172.') || hostname.startsWith('192.168.') || hostname.startsWith('fc') || hostname.startsWith('fd')) {
return { success: false, models: [], error: 'Private/internal URLs are not allowed' }
}
if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') {
return { success: false, models: [], error: 'Only http/https protocols allowed' }
}
} catch {
return { success: false, models: [], error: 'Invalid URL' }
}
try {
const response = await fetch(`${cleanUrl}/api/tags`, {
method: 'GET',