Skip to content

Add HTTP allowlist, traceback sanitization, and help HTML hardening w…#38

Merged
diego-ferrand merged 1 commit into
developmentfrom
SECURITY_HARDENING
Jul 17, 2026
Merged

Add HTTP allowlist, traceback sanitization, and help HTML hardening w…#38
diego-ferrand merged 1 commit into
developmentfrom
SECURITY_HARDENING

Conversation

@diego-ferrand

@diego-ferrand diego-ferrand commented Jul 17, 2026

Copy link
Copy Markdown
Collaborator

This pull request introduces significant improvements to the security and robustness of the codebase, especially around sensitive data handling, HTTP endpoint validation, and traceback sanitization. It adds new security utilities, strengthens token validation and error handling, and provides comprehensive tests for these features. The changes also ensure that sensitive information is not leaked in errors, logs, or tracebacks.

The most important changes are:

Security Utilities and HTTP Endpoint Protection

  • Added a new config/security.py module providing helpers for detecting sensitive file paths and allowlisting HTTP endpoints, preventing SSRF and accidental exposure of secrets. (config/security.py)
  • Integrated endpoint allowlisting and SSRF protection into HTTP request logic, with tests verifying only specific domains (e.g., help.perfecto.io) are allowed and that blocked requests do not trigger network calls. (tests/test_http_request_security.py)

Token Handling and Error Sanitization

  • Improved PerfectoToken validation to strictly enforce non-empty string types for tokens and cloud names, raising errors that never include sensitive values. (config/token.py)
  • Refined error messages and __repr__ for PerfectoToken to avoid leaking secrets, and added tests to ensure errors and representations are always sanitized. (config/token.py, tests/test_token_security.py) [1] [2]

Traceback and Output Sanitization

  • Added thorough tests to verify that formatted tracebacks do not expose absolute file paths or sensitive directory information, while preserving useful debugging details. (tests/test_traceback_sanitization.py)
  • Updated code to use format_sanitized_traceback for error reporting, ensuring consistent sanitization. (tools/ai_scriptless_manager.py)

Testing and Utility Improvements

  • Introduced tests for datetime utilities and help documentation HTML/Markdown processing, including security-focused HTML sanitization and link interpolation. (tests/test_datetime_utils.py, tests/test_help_utils_href_interpolation.py) [1] [2]

These changes collectively enhance the application's security posture and resilience against common data leakage and SSRF risks.

@diego-ferrand
diego-ferrand merged commit b1ee6c4 into development Jul 17, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants