catlog22/Claude-Code-Workflow
1
0
Fork 0
mirror of https://github.com/catlog22/Claude-Code-Workflow.git synced 2026-02-10 02:24:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

Issue Queue: issue-exec-20260106-160325 (#52)

Browse Source 
* feat(security): Secure dashboard server by default

## Solution Summary
- Solution-ID: SOL-DSC-002-1
- Issue-ID: DSC-002

## Tasks Completed
- [T1] JWT token manager (24h expiry, persisted secret/token)
- [T2] API auth middleware + localhost token endpoint
- [T3] Default bind 127.0.0.1, add --host with warning
- [T4] Localhost-only CORS with credentials + Vary
- [T5] SECURITY.md documentation + README link

## Verification
- npm run build
- npm test -- ccw/tests/token-manager.test.ts ccw/tests/middleware.test.ts ccw/tests/server-auth.integration.test.ts ccw/tests/server.test.ts ccw/tests/cors.test.ts

* fix(security): Prevent command injection in Windows spawn()

## Solution Summary
- **Solution-ID**: SOL-DSC-001-1
- **Issue-ID**: DSC-001
- **Risk/Impact/Complexity**: high/high/medium

## Tasks Completed
- [T1] Create Windows shell escape utility
- [T2] Escape cli-executor spawn() args on Windows
- [T3] Add command injection regression tests

## Files Modified
- ccw/src/utils/shell-escape.ts
- ccw/src/tools/cli-executor.ts
- ccw/tests/shell-escape.test.ts
- ccw/tests/security/command-injection.test.ts

## Verification
- npm run build
- npm test -- ccw/tests/shell-escape.test.ts ccw/tests/security/command-injection.test.ts

* fix(security): Harden path validation (DSC-005)

## Solution Summary
- Solution-ID: SOL-DSC-005-1
- Issue-ID: DSC-005

## Tasks Completed
- T1: Refactor path validation to pre-resolution checking
- T2: Implement allowlist-based path validation
- T3: Add path validation to API routes
- T4: Add path security regression tests

## Files Modified
- ccw/src/utils/path-resolver.ts
- ccw/src/utils/path-validator.ts
- ccw/src/core/routes/graph-routes.ts
- ccw/src/core/routes/files-routes.ts
- ccw/src/core/routes/skills-routes.ts
- ccw/tests/path-resolver.test.ts
- ccw/tests/graph-routes.test.ts
- ccw/tests/files-routes.test.ts
- ccw/tests/skills-routes.test.ts
- ccw/tests/security/path-traversal.test.ts

## Verification
- npm run build
- npm test -- path-resolver.test.ts
- npm test -- path-validator.test.ts
- npm test -- graph-routes.test.ts
- npm test -- files-routes.test.ts
- npm test -- skills-routes.test.ts
- npm test -- ccw/tests/security/path-traversal.test.ts

* fix(security): Prevent credential leakage (DSC-004)

## Solution Summary
- Solution-ID: SOL-DSC-004-1
- Issue-ID: DSC-004

## Tasks Completed
- T1: Create credential handling security tests
- T2: Add log sanitization tests
- T3: Add env var leakage prevention tests
- T4: Add secure storage tests

## Files Modified
- ccw/src/config/litellm-api-config-manager.ts
- ccw/src/core/routes/litellm-api-routes.ts
- ccw/tests/security/credential-handling.test.ts

## Verification
- npm run build
- node --experimental-strip-types --test ccw/tests/security/credential-handling.test.ts

* test(ranking): expand normalize_weights edge case coverage (ISS-1766920108814-0)

## Solution Summary
- Solution-ID: SOL-20251228113607
- Issue-ID: ISS-1766920108814-0

## Tasks Completed
- T1: Fix NaN and invalid total handling in normalize_weights
- T2: Add unit tests for NaN edge cases in normalize_weights

## Files Modified
- codex-lens/tests/test_rrf_fusion.py

## Verification
- python -m pytest codex-lens/tests/test_rrf_fusion.py::TestNormalizeBM25Score -v
- python -m pytest codex-lens/tests/test_rrf_fusion.py -v -k normalize
- python -m pytest codex-lens/tests/test_rrf_fusion.py::TestReciprocalRankFusion::test_weight_normalization codex-lens/tests/test_cli_hybrid_search.py::TestCLIHybridSearch::test_weights_normalization -v

* feat(security): Add CSRF protection and tighten CORS (DSC-006)

## Solution Summary
- Solution-ID: SOL-DSC-006-1
- Issue-ID: DSC-006
- Risk/Impact/Complexity: high/high/medium

## Tasks Completed
- T1: Create CSRF token generation system
- T2: Add CSRF token endpoints
- T3: Implement CSRF validation middleware
- T4: Restrict CORS to trusted origins
- T5: Add CSRF security tests

## Files Modified
- ccw/src/core/auth/csrf-manager.ts
- ccw/src/core/auth/csrf-middleware.ts
- ccw/src/core/routes/auth-routes.ts
- ccw/src/core/server.ts
- ccw/tests/csrf-manager.test.ts
- ccw/tests/auth-routes.test.ts
- ccw/tests/csrf-middleware.test.ts
- ccw/tests/security/csrf.test.ts

## Verification
- npm run build
- node --experimental-strip-types --test ccw/tests/csrf-manager.test.ts
- node --experimental-strip-types --test ccw/tests/auth-routes.test.ts
- node --experimental-strip-types --test ccw/tests/csrf-middleware.test.ts
- node --experimental-strip-types --test ccw/tests/cors.test.ts
- node --experimental-strip-types --test ccw/tests/security/csrf.test.ts

* fix(cli-executor): prevent stale SIGKILL timeouts

## Solution Summary

- Solution-ID: SOL-DSC-007-1

- Issue-ID: DSC-007

- Risk/Impact/Complexity: low/low/low

## Tasks Completed

- [T1] Store timeout handle in killCurrentCliProcess

## Files Modified

- ccw/src/tools/cli-executor.ts

- ccw/tests/cli-executor-kill.test.ts

## Verification

- node --experimental-strip-types --test ccw/tests/cli-executor-kill.test.ts

* fix(cli-executor): enhance merge validation guards

## Solution Summary

- Solution-ID: SOL-DSC-008-1

- Issue-ID: DSC-008

- Risk/Impact/Complexity: low/low/low

## Tasks Completed

- [T1] Enhance sourceConversations array validation

## Files Modified

- ccw/src/tools/cli-executor.ts

- ccw/tests/cli-executor-merge-validation.test.ts

## Verification

- node --experimental-strip-types --test ccw/tests/cli-executor-merge-validation.test.ts

* refactor(core): remove @ts-nocheck from core routes

## Solution Summary
- Solution-ID: SOL-DSC-003-1
- Issue-ID: DSC-003
- Queue-ID: QUE-20260106-164500
- Item-ID: S-9

## Tasks Completed
- T1: Create shared RouteContext type definition
- T2: Remove @ts-nocheck from small route files
- T3: Remove @ts-nocheck from medium route files
- T4: Remove @ts-nocheck from large route files
- T5: Remove @ts-nocheck from remaining core files

## Files Modified
- ccw/src/core/dashboard-generator-patch.ts
- ccw/src/core/dashboard-generator.ts
- ccw/src/core/routes/ccw-routes.ts
- ccw/src/core/routes/claude-routes.ts
- ccw/src/core/routes/cli-routes.ts
- ccw/src/core/routes/codexlens-routes.ts
- ccw/src/core/routes/discovery-routes.ts
- ccw/src/core/routes/files-routes.ts
- ccw/src/core/routes/graph-routes.ts
- ccw/src/core/routes/help-routes.ts
- ccw/src/core/routes/hooks-routes.ts
- ccw/src/core/routes/issue-routes.ts
- ccw/src/core/routes/litellm-api-routes.ts
- ccw/src/core/routes/litellm-routes.ts
- ccw/src/core/routes/mcp-routes.ts
- ccw/src/core/routes/mcp-routes.ts.backup
- ccw/src/core/routes/mcp-templates-db.ts
- ccw/src/core/routes/nav-status-routes.ts
- ccw/src/core/routes/rules-routes.ts
- ccw/src/core/routes/session-routes.ts
- ccw/src/core/routes/skills-routes.ts
- ccw/src/core/routes/status-routes.ts
- ccw/src/core/routes/system-routes.ts
- ccw/src/core/routes/types.ts
- ccw/src/core/server.ts
- ccw/src/core/websocket.ts

## Verification
- npm run build
- npm test

* refactor: split cli-executor and codexlens routes into modules

## Solution Summary
- Solution-ID: SOL-DSC-012-1
- Issue-ID: DSC-012
- Risk/Impact/Complexity: medium/medium/high

## Tasks Completed
- [T1] Extract execution orchestration from cli-executor.ts (Refactor ccw/src/tools)
- [T2] Extract route handlers from codexlens-routes.ts (Refactor ccw/src/core/routes)
- [T3] Extract prompt concatenation logic from cli-executor (Refactor ccw/src/tools)
- [T4] Document refactored module architecture (Docs)

## Files Modified
- ccw/src/tools/cli-executor.ts
- ccw/src/tools/cli-executor-core.ts
- ccw/src/tools/cli-executor-utils.ts
- ccw/src/tools/cli-executor-state.ts
- ccw/src/tools/cli-prompt-builder.ts
- ccw/src/tools/README.md
- ccw/src/core/routes/codexlens-routes.ts
- ccw/src/core/routes/codexlens/config-handlers.ts
- ccw/src/core/routes/codexlens/index-handlers.ts
- ccw/src/core/routes/codexlens/semantic-handlers.ts
- ccw/src/core/routes/codexlens/watcher-handlers.ts
- ccw/src/core/routes/codexlens/utils.ts
- ccw/src/core/routes/codexlens/README.md

## Verification
- npm run build
- npm test

* test(issue): Add comprehensive issue command tests

## Solution Summary
- **Solution-ID**: SOL-DSC-009-1
- **Issue-ID**: DSC-009
- **Risk/Impact/Complexity**: low/high/medium

## Tasks Completed
- [T1] Create issue command test file structure: Create isolated test harness
- [T2] Add JSONL read/write operation tests: Verify JSONL correctness and errors
- [T3] Add issue lifecycle tests: Verify status transitions and timestamps
- [T4] Add solution binding tests: Verify binding flows and error cases
- [T5] Add queue formation tests: Verify queue creation, IDs, and DAG behavior
- [T6] Add queue execution tests: Verify next/done/retry and status sync

## Files Modified
- ccw/src/commands/issue.ts
- ccw/tests/issue-command.test.ts

## Verification
- node --experimental-strip-types --test ccw/tests/issue-command.test.ts

* test(routes): Add integration tests for route modules

## Solution Summary
- Solution-ID: SOL-DSC-010-1
- Issue-ID: DSC-010
- Queue-ID: QUE-20260106-164500

## Tasks Completed
- [T1] Add tests for ccw-routes.ts
- [T2] Add tests for files-routes.ts
- [T3] Add tests for claude-routes.ts (includes Windows path fix for create)
- [T4] Add tests for issue-routes.ts
- [T5] Add tests for help-routes.ts (avoid hanging watchers)
- [T6] Add tests for nav-status-routes.ts
- [T7] Add tests for hooks/graph/rules/skills/litellm-api routes

## Files Modified
- ccw/src/core/routes/claude-routes.ts
- ccw/src/core/routes/help-routes.ts
- ccw/tests/integration/ccw-routes.test.ts
- ccw/tests/integration/claude-routes.test.ts
- ccw/tests/integration/files-routes.test.ts
- ccw/tests/integration/issue-routes.test.ts
- ccw/tests/integration/help-routes.test.ts
- ccw/tests/integration/nav-status-routes.test.ts
- ccw/tests/integration/hooks-routes.test.ts
- ccw/tests/integration/graph-routes.test.ts
- ccw/tests/integration/rules-routes.test.ts
- ccw/tests/integration/skills-routes.test.ts
- ccw/tests/integration/litellm-api-routes.test.ts

## Verification
- node --experimental-strip-types --test ccw/tests/integration/ccw-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/files-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/claude-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/issue-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/help-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/nav-status-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/hooks-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/graph-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/rules-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/skills-routes.test.ts
- node --experimental-strip-types --test ccw/tests/integration/litellm-api-routes.test.ts

* refactor(core): Switch cache and lite scanning to async fs

## Solution Summary
- Solution-ID: SOL-DSC-013-1
- Issue-ID: DSC-013
- Queue-ID: QUE-20260106-164500

## Tasks Completed
- [T1] Convert cache-manager.ts to async file operations
- [T2] Convert lite-scanner.ts to async file operations
- [T3] Update cache-manager call sites to await async API
- [T4] Update lite-scanner call sites to await async API

## Files Modified
- ccw/src/core/cache-manager.ts
- ccw/src/core/lite-scanner.ts
- ccw/src/core/data-aggregator.ts

## Verification
- npm run build
- npm test

* fix(exec): Add timeout protection for execSync

## Solution Summary
- Solution-ID: SOL-DSC-014-1
- Issue-ID: DSC-014
- Queue-ID: QUE-20260106-164500

## Tasks Completed
- [T1] Add timeout to execSync calls in python-utils.ts
- [T2] Add timeout to execSync calls in detect-changed-modules.ts
- [T3] Add timeout to execSync calls in claude-freshness.ts
- [T4] Add timeout to execSync calls in issue.ts
- [T5] Consolidate execSync timeout constants and audit coverage

## Files Modified
- ccw/src/utils/exec-constants.ts
- ccw/src/utils/python-utils.ts
- ccw/src/tools/detect-changed-modules.ts
- ccw/src/core/claude-freshness.ts
- ccw/src/commands/issue.ts
- ccw/src/tools/smart-search.ts
- ccw/src/tools/codex-lens.ts
- ccw/src/core/routes/codexlens/config-handlers.ts

## Verification
- npm run build
- npm test
- node --experimental-strip-types --test ccw/tests/issue-command.test.ts

* feat(cli): Add progress spinner with elapsed time for long-running operations

## Solution Summary
- Solution-ID: SOL-DSC-015-1
- Issue-ID: DSC-015
- Queue-Item: S-15
- Risk/Impact/Complexity: low/medium/low

## Tasks Completed
- [T1] Add progress spinner to CLI execution: Update ccw/src/commands/cli.ts

## Files Modified
- ccw/src/commands/cli.ts
- ccw/tests/cli-command.test.ts

## Verification
- node --experimental-strip-types --test ccw/tests/cli-command.test.ts
- node --experimental-strip-types --test ccw/tests/cli-executor-kill.test.ts
- node --experimental-strip-types --test ccw/tests/cli-executor-merge-validation.test.ts

* fix(cli): Move full output hint immediately after truncation notice

## Solution Summary
- Solution-ID: SOL-DSC-016-1
- Issue-ID: DSC-016
- Queue-Item: S-16
- Risk/Impact/Complexity: low/high/low

## Tasks Completed
- [T1] Relocate output hint after truncation: Update ccw/src/commands/cli.ts

## Files Modified
- ccw/src/commands/cli.ts
- ccw/tests/cli-command.test.ts

## Verification
- npm run build
- node --experimental-strip-types --test ccw/tests/cli-command.test.ts

* feat(cli): Add confirmation prompts for destructive operations

## Solution Summary
- Solution-ID: SOL-DSC-017-1
- Issue-ID: DSC-017
- Queue-Item: S-17
- Risk/Impact/Complexity: low/high/low

## Tasks Completed
- [T1] Add confirmation to storage clean operations: Update ccw/src/commands/cli.ts
- [T2] Add confirmation to issue queue delete: Update ccw/src/commands/issue.ts

## Files Modified
- ccw/src/commands/cli.ts
- ccw/src/commands/issue.ts
- ccw/tests/cli-command.test.ts
- ccw/tests/issue-command.test.ts

## Verification
- npm run build
- node --experimental-strip-types --test ccw/tests/cli-command.test.ts
- node --experimental-strip-types --test ccw/tests/issue-command.test.ts

* feat(cli): Improve multi-line prompt guidance

## Solution Summary
- Solution-ID: SOL-DSC-018-1
- Issue-ID: DSC-018
- Queue-Item: S-18
- Risk/Impact/Complexity: low/medium/low

## Tasks Completed
- [T1] Update CLI help to emphasize --file option: Update ccw/src/commands/cli.ts
- [T2] Add inline hint for multi-line detection: Update ccw/src/commands/cli.ts

## Files Modified
- ccw/src/commands/cli.ts
- ccw/tests/cli-command.test.ts

## Verification
- npm run build
- node --experimental-strip-types --test ccw/tests/cli-command.test.ts

---------

Co-authored-by: catlog22 <catlog22@github.com>
This commit is contained in:
catlog22
2026-01-07 22:35:46 +08:00
committed by GitHub
parent fae2f7e279
commit 09d99abee6
100 changed files with 14300 additions and 6456 deletions
Download Patch File Download Diff File Expand all files Collapse all files

243
ccw/tests/security/command-injection.test.ts Normal file
View File

@@ -0,0 +1,243 @@
/**
* Regression tests for command injection protections in cli-executor.
*
* Focus: ensure args are escaped on Windows when `shell: true` is required.
*/
import { after, before, describe, it } from 'node:test';
import assert from 'node:assert/strict';
import { createRequire } from 'node:module';
import { EventEmitter } from 'node:events';
import { PassThrough } from 'node:stream';
import { mkdtempSync, rmSync } from 'node:fs';
import { tmpdir } from 'node:os';
import { join } from 'node:path';
const cliExecutorUrl = new URL('../../dist/tools/cli-executor.js', import.meta.url).href;
const historyStoreUrl = new URL('../../dist/tools/cli-history-store.js', import.meta.url).href;
const shellEscapeUrl = new URL('../../dist/utils/shell-escape.js', import.meta.url).href;
describe('cli-executor: command injection regression', async () => {
const isWindows = process.platform === 'win32';
const require = createRequire(import.meta.url);
const childProcess = require('child_process');
const originalSpawn = childProcess.spawn;
const originalSetTimeout = globalThis.setTimeout;
const spawnCalls: Array<{ command: string; args: string[]; options: Record<string, unknown> }> = [];
const envSnapshot: Record<string, string | undefined> = {};
let ccwHome = '';
let projectDir = '';
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let cliExecutorModule: any;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let historyStoreModule: any;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let shellEscapeModule: any;
function unrefSetTimeout<TArgs extends unknown[]>(
fn: (...args: TArgs) => void,
delay?: number,
...args: TArgs
): ReturnType<typeof setTimeout> {
const t = originalSetTimeout(fn as (...args: unknown[]) => void, delay as number, ...args);
(t as unknown as { unref?: () => void }).unref?.();
return t;
}
before(async () => {
envSnapshot.CCW_DATA_DIR = process.env.CCW_DATA_DIR;
envSnapshot.DEBUG = process.env.DEBUG;
envSnapshot.CCW_DEBUG = process.env.CCW_DEBUG;
ccwHome = mkdtempSync(join(tmpdir(), 'ccw-command-injection-home-'));
projectDir = mkdtempSync(join(tmpdir(), 'ccw-command-injection-project-'));
process.env.CCW_DATA_DIR = ccwHome;
delete process.env.DEBUG;
delete process.env.CCW_DEBUG;
// Prevent long-lived timeouts in the module under test from delaying process exit.
globalThis.setTimeout = unrefSetTimeout as unknown as typeof setTimeout;
shellEscapeModule = await import(shellEscapeUrl);
// Patch child_process.spawn BEFORE importing cli-executor (it captures spawn at module init).
childProcess.spawn = (command: unknown, args: unknown[], options: Record<string, unknown>) => {
const cmd = String(command);
const argv = Array.isArray(args) ? args.map((a) => String(a)) : [];
spawnCalls.push({ command: cmd, args: argv, options: options || {} });
const child = new EventEmitter() as any;
child.pid = 4242;
child.killed = false;
child.stdin = new PassThrough();
child.stdout = new PassThrough();
child.stderr = new PassThrough();
let closed = false;
child.kill = () => {
child.killed = true;
if (!closed) {
closed = true;
child.stdout.end();
child.stderr.end();
child.emit('close', 0);
}
return true;
};
process.nextTick(() => {
if (closed) return;
if (cmd === 'where' || cmd === 'which') {
const tool = argv[0] || 'tool';
child.stdout.write(`C:\\\\fake\\\\${tool}.cmd\r\n`);
child.stdout.end();
child.stderr.end();
closed = true;
child.emit('close', 0);
return;
}
child.stdout.write('ok\n');
child.stdout.end();
child.stderr.end();
closed = true;
child.emit('close', 0);
});
return child;
};
cliExecutorModule = await import(cliExecutorUrl);
historyStoreModule = await import(historyStoreUrl);
});
after(async () => {
childProcess.spawn = originalSpawn;
globalThis.setTimeout = originalSetTimeout;
try {
historyStoreModule?.closeAllStores?.();
} catch {
// ignore
}
if (projectDir) rmSync(projectDir, { recursive: true, force: true });
if (ccwHome) rmSync(ccwHome, { recursive: true, force: true });
process.env.CCW_DATA_DIR = envSnapshot.CCW_DATA_DIR;
if (envSnapshot.DEBUG === undefined) delete process.env.DEBUG;
else process.env.DEBUG = envSnapshot.DEBUG;
if (envSnapshot.CCW_DEBUG === undefined) delete process.env.CCW_DEBUG;
else process.env.CCW_DEBUG = envSnapshot.CCW_DEBUG;
});
it('escapes dangerous metacharacters for Windows shell execution', async () => {
const escapeWindowsArg = shellEscapeModule.escapeWindowsArg as (arg: string) => string;
const cases: Array<{
name: string;
params: Record<string, unknown>;
expectedCommand: string;
expectedArgs: string[];
}> = [
{
name: 'gemini: model includes &',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-amp', model: 'gpt-4 & calc' },
expectedCommand: 'gemini',
expectedArgs: ['-m', 'gpt-4 & calc'],
},
{
name: 'gemini: model includes |',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-pipe', model: 'gpt|calc' },
expectedCommand: 'gemini',
expectedArgs: ['-m', 'gpt|calc'],
},
{
name: 'gemini: model includes >',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-gt', model: 'gpt>out.txt' },
expectedCommand: 'gemini',
expectedArgs: ['-m', 'gpt>out.txt'],
},
{
name: 'gemini: model includes <',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-lt', model: 'gpt<input.txt' },
expectedCommand: 'gemini',
expectedArgs: ['-m', 'gpt<input.txt'],
},
{
name: 'gemini: model includes parentheses',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-paren', model: '(gpt)' },
expectedCommand: 'gemini',
expectedArgs: ['-m', '(gpt)'],
},
{
name: 'gemini: model includes %',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-percent', model: '%PATH%' },
expectedCommand: 'gemini',
expectedArgs: ['-m', '%PATH%'],
},
{
name: 'gemini: model includes !',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-bang', model: '!VAR!' },
expectedCommand: 'gemini',
expectedArgs: ['-m', '!VAR!'],
},
{
name: 'gemini: model includes caret',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-model-caret', model: 'a^b' },
expectedCommand: 'gemini',
expectedArgs: ['-m', 'a^b'],
},
{
name: 'gemini: includeDirs includes spaces and &',
params: { tool: 'gemini', prompt: 'hi', cd: projectDir, id: 'case-gemini-include', includeDirs: 'C:\\Program Files\\A & B', model: 'test-model' },
expectedCommand: 'gemini',
expectedArgs: ['-m', 'test-model', '--include-directories', 'C:\\Program Files\\A & B'],
},
{
name: 'qwen: model includes double quote',
params: { tool: 'qwen', prompt: 'hi', cd: projectDir, id: 'case-qwen-model-quote', model: 'qwen\"model' },
expectedCommand: 'qwen',
expectedArgs: ['-m', 'qwen\"model'],
},
{
name: 'qwen: includeDirs includes |',
params: { tool: 'qwen', prompt: 'hi', cd: projectDir, id: 'case-qwen-include-pipe', includeDirs: 'C:\\a|b', model: 'test-model' },
expectedCommand: 'qwen',
expectedArgs: ['-m', 'test-model', '--include-directories', 'C:\\a|b'],
},
{
name: 'codex: --add-dir values include metacharacters and spaces',
params: { tool: 'codex', prompt: 'hi', cd: projectDir, id: 'case-codex-include', includeDirs: 'C:\\a&b,C:\\c d', model: 'gpt-4' },
expectedCommand: 'codex',
expectedArgs: ['exec', '--full-auto', '-m', 'gpt-4', '--add-dir', 'C:\\a&b', '--add-dir', 'C:\\c d', '-'],
},
];
for (const testCase of cases) {
spawnCalls.length = 0;
await cliExecutorModule.executeCliTool(testCase.params, null);
const execCall = spawnCalls.find((c) => c.command === testCase.expectedCommand);
assert.ok(execCall, `Expected spawn call for ${testCase.expectedCommand} (${testCase.name})`);
assert.equal(
execCall.options?.shell,
isWindows,
`Expected shell=${String(isWindows)} for ${testCase.expectedCommand} (${testCase.name})`
);
const expectedCommand = isWindows ? escapeWindowsArg(testCase.expectedCommand) : testCase.expectedCommand;
const expectedArgs = isWindows ? testCase.expectedArgs.map(escapeWindowsArg) : testCase.expectedArgs;
assert.equal(execCall.command, expectedCommand, `spawn command (${testCase.name})`);
assert.deepEqual(execCall.args, expectedArgs, `spawn args (${testCase.name})`);
}
});
});

447
ccw/tests/security/credential-handling.test.ts Normal file
View File

@@ -0,0 +1,447 @@
/**
* Security tests for credential handling (DSC-004).
*
* Notes:
* - Targets runtime implementation shipped in `ccw/dist`.
* - Uses an isolated CCW data directory (CCW_DATA_DIR) to avoid touching real user config.
*/
import { after, afterEach, before, beforeEach, describe, it, mock } from 'node:test';
import assert from 'node:assert/strict';
import http from 'node:http';
import { mkdtempSync, mkdirSync, readFileSync, readdirSync, rmSync, statSync, writeFileSync } from 'node:fs';
import { tmpdir } from 'node:os';
import path from 'node:path';
const CCW_HOME = mkdtempSync(path.join(tmpdir(), 'ccw-credential-tests-home-'));
const PROJECT_ROOT = mkdtempSync(path.join(tmpdir(), 'ccw-credential-tests-project-'));
const CONFIG_DIR = path.join(CCW_HOME, 'config');
const CONFIG_PATH = path.join(CONFIG_DIR, 'litellm-api-config.json');
const originalEnv = {
CCW_DATA_DIR: process.env.CCW_DATA_DIR,
TEST_API_KEY: process.env.TEST_API_KEY,
};
process.env.CCW_DATA_DIR = CCW_HOME;
const configManagerUrl = new URL('../../dist/config/litellm-api-config-manager.js', import.meta.url);
configManagerUrl.searchParams.set('t', String(Date.now()));
const litellmRoutesUrl = new URL('../../dist/core/routes/litellm-api-routes.js', import.meta.url);
litellmRoutesUrl.searchParams.set('t', String(Date.now()));
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let mod: any;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let routes: any;
type JsonResponse = { status: number; json: any; text: string };
async function requestJson(baseUrl: string, method: string, reqPath: string, body?: unknown): Promise<JsonResponse> {
const url = new URL(reqPath, baseUrl);
const payload = body === undefined ? null : Buffer.from(JSON.stringify(body), 'utf8');
return new Promise((resolve, reject) => {
const req = http.request(
url,
{
method,
headers: {
Accept: 'application/json',
...(payload ? { 'Content-Type': 'application/json', 'Content-Length': String(payload.length) } : {}),
},
},
(res) => {
let responseBody = '';
res.on('data', (chunk) => {
responseBody += chunk.toString();
});
res.on('end', () => {
let json: any = null;
try {
json = responseBody ? JSON.parse(responseBody) : null;
} catch {
json = null;
}
resolve({ status: res.statusCode || 0, json, text: responseBody });
});
},
);
req.on('error', reject);
if (payload) req.write(payload);
req.end();
});
}
function handlePostRequest(
req: http.IncomingMessage,
res: http.ServerResponse,
handler: (body: unknown) => Promise<any>,
): void {
let body = '';
req.on('data', (chunk) => {
body += chunk.toString();
});
req.on('end', async () => {
try {
const parsed = body ? JSON.parse(body) : {};
const result = await handler(parsed);
if (result?.error) {
res.writeHead(result.status || 500, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ error: result.error }));
} else {
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(JSON.stringify(result));
}
} catch (err: any) {
res.writeHead(500, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ error: err?.message || String(err) }));
}
});
}
async function createServer(initialPath: string): Promise<{ server: http.Server; baseUrl: string }> {
const server = http.createServer(async (req, res) => {
const url = new URL(req.url || '/', 'http://localhost');
const pathname = url.pathname;
const ctx = {
pathname,
url,
req,
res,
initialPath,
handlePostRequest,
broadcastToClients() {},
};
try {
const handled = await routes.handleLiteLLMApiRoutes(ctx);
if (!handled) {
res.writeHead(404, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ error: 'Not Found' }));
}
} catch (err: any) {
res.writeHead(500, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ error: err?.message || String(err) }));
}
});
await new Promise<void>((resolve) => server.listen(0, () => resolve()));
const addr = server.address();
const port = typeof addr === 'object' && addr ? addr.port : 0;
return { server, baseUrl: `http://127.0.0.1:${port}` };
}
function loadMaskApiKey(): (apiKey: string) => string {
const filePath = new URL('../../src/templates/dashboard-js/views/api-settings.js', import.meta.url);
const source = readFileSync(filePath, 'utf8');
const match = source.match(/function\s+maskApiKey\(apiKey\)\s*\{[\s\S]*?\r?\n\}/);
if (!match) {
throw new Error('maskApiKey function not found in api-settings.js');
}
// eslint-disable-next-line no-new-func
const fn = new Function(`${match[0]}; return maskApiKey;`) as () => (apiKey: string) => string;
return fn();
}
describe('security: credential handling', async () => {
const maskApiKey = loadMaskApiKey();
function listFilesRecursive(dirPath: string): string[] {
const results: string[] = [];
const entries = readdirSync(dirPath, { withFileTypes: true });
for (const entry of entries) {
const fullPath = path.join(dirPath, entry.name);
if (entry.isDirectory()) results.push(...listFilesRecursive(fullPath));
else if (entry.isFile()) results.push(fullPath);
}
return results;
}
before(async () => {
mod = await import(configManagerUrl.href);
routes = await import(litellmRoutesUrl.href);
});
beforeEach(() => {
process.env.TEST_API_KEY = originalEnv.TEST_API_KEY;
rmSync(CONFIG_PATH, { force: true });
});
afterEach(() => {
mock.restoreAll();
});
after(() => {
process.env.CCW_DATA_DIR = originalEnv.CCW_DATA_DIR;
process.env.TEST_API_KEY = originalEnv.TEST_API_KEY;
rmSync(CCW_HOME, { recursive: true, force: true });
rmSync(PROJECT_ROOT, { recursive: true, force: true });
});
it('resolveEnvVar returns input unchanged when not ${ENV_VAR}', () => {
assert.equal(mod.resolveEnvVar('sk-test-1234'), 'sk-test-1234');
assert.equal(mod.resolveEnvVar(''), '');
});
it('resolveEnvVar resolves ${ENV_VAR} syntax', () => {
process.env.TEST_API_KEY = 'sk-test-resolved';
assert.equal(mod.resolveEnvVar('${TEST_API_KEY}'), 'sk-test-resolved');
});
it('resolveEnvVar returns empty string when env var is missing', () => {
delete process.env.TEST_API_KEY;
assert.equal(mod.resolveEnvVar('${TEST_API_KEY}'), '');
});
it('getProviderWithResolvedEnvVars returns provider with resolvedApiKey', () => {
process.env.TEST_API_KEY = 'sk-test-resolved';
const provider = mod.addProvider(PROJECT_ROOT, {
name: 'Test Provider',
type: 'openai',
apiKey: '${TEST_API_KEY}',
apiBase: undefined,
enabled: true,
});
const resolved = mod.getProviderWithResolvedEnvVars(PROJECT_ROOT, provider.id);
assert.ok(resolved);
assert.equal(resolved.id, provider.id);
assert.equal(resolved.resolvedApiKey, 'sk-test-resolved');
});
it('resolveEnvVar does not log resolved credential values', () => {
const secret = 'sk-test-secret-1234567890';
process.env.TEST_API_KEY = secret;
const calls: string[] = [];
mock.method(console, 'log', (...args: unknown[]) => calls.push(args.map(String).join(' ')));
mock.method(console, 'error', (...args: unknown[]) => calls.push(args.map(String).join(' ')));
assert.equal(mod.resolveEnvVar('${TEST_API_KEY}'), secret);
assert.equal(calls.some((line) => line.includes(secret)), false);
});
it('getProviderWithResolvedEnvVars does not log resolved credential values', () => {
const secret = 'sk-test-secret-abcdef123456';
process.env.TEST_API_KEY = secret;
const calls: string[] = [];
mock.method(console, 'log', (...args: unknown[]) => calls.push(args.map(String).join(' ')));
mock.method(console, 'error', (...args: unknown[]) => calls.push(args.map(String).join(' ')));
const provider = mod.addProvider(PROJECT_ROOT, {
name: 'Test Provider',
type: 'openai',
apiKey: '${TEST_API_KEY}',
apiBase: undefined,
enabled: true,
});
const resolved = mod.getProviderWithResolvedEnvVars(PROJECT_ROOT, provider.id);
assert.ok(resolved);
assert.equal(resolved.resolvedApiKey, secret);
assert.equal(calls.some((line) => line.includes(secret)), false);
});
it('loadLiteLLMApiConfig logs parse errors without leaking credentials', () => {
const secret = 'sk-test-secret-in-file-1234';
mkdirSync(CONFIG_DIR, { recursive: true });
writeFileSync(CONFIG_PATH, `{\"providers\":[{\"apiKey\":\"${secret}\"`, 'utf8');
const calls: string[] = [];
mock.method(console, 'error', (...args: unknown[]) => calls.push(args.map(String).join(' ')));
const config = mod.loadLiteLLMApiConfig(PROJECT_ROOT);
assert.equal(Array.isArray(config.providers), true);
assert.equal(config.providers.length, 0);
assert.equal(calls.length > 0, true);
assert.equal(calls.some((line) => line.includes(secret)), false);
});
it('loadLiteLLMApiConfig stack traces do not include raw credentials', () => {
const secret = 'sk-test-secret-stack-9999';
mkdirSync(CONFIG_DIR, { recursive: true });
writeFileSync(CONFIG_PATH, `{\"providers\":[{\"apiKey\":\"${secret}\"`, 'utf8');
const errorArgs: unknown[][] = [];
mock.method(console, 'error', (...args: unknown[]) => errorArgs.push(args));
mod.loadLiteLLMApiConfig(PROJECT_ROOT);
const errorObj = errorArgs.flat().find((arg) => arg instanceof Error) as Error | undefined;
assert.ok(errorObj);
assert.equal(String(errorObj.stack ?? '').includes(secret), false);
});
it('maskApiKey hides raw keys but keeps env var references readable', () => {
assert.equal(maskApiKey(''), '');
assert.equal(maskApiKey('${TEST_API_KEY}'), '${TEST_API_KEY}');
assert.equal(maskApiKey('short'), '***');
assert.equal(maskApiKey('sk-test-1234567890'), 'sk-t...7890');
});
it('getProviderWithResolvedEnvVars is safe to stringify (no env var syntax or resolved secrets)', () => {
const secret = 'sk-test-secret-json-0000';
process.env.TEST_API_KEY = secret;
const provider = mod.addProvider(PROJECT_ROOT, {
name: 'Test Provider',
type: 'openai',
apiKey: '${TEST_API_KEY}',
apiBase: undefined,
enabled: true,
});
const resolved = mod.getProviderWithResolvedEnvVars(PROJECT_ROOT, provider.id);
assert.ok(resolved);
const payload = JSON.stringify(resolved);
assert.equal(payload.includes(secret), false);
assert.equal(payload.includes('${TEST_API_KEY}'), false);
assert.equal(payload.includes('resolvedApiKey'), false);
});
it('API responses do not expose env var syntax for provider apiKey', async () => {
process.env.TEST_API_KEY = 'sk-test-secret-api-1111';
mod.addProvider(PROJECT_ROOT, {
name: 'Test Provider',
type: 'openai',
apiKey: '${TEST_API_KEY}',
apiBase: undefined,
enabled: true,
});
const { server, baseUrl } = await createServer(PROJECT_ROOT);
try {
const res = await requestJson(baseUrl, 'GET', '/api/litellm-api/providers');
assert.equal(res.status, 200);
assert.ok(res.json?.providers);
assert.equal(res.text.includes('${TEST_API_KEY}'), false);
assert.equal(res.text.includes('${'), false);
} finally {
await new Promise<void>((resolve) => server.close(() => resolve()));
}
});
it('API responses do not expose resolved secrets in generated rotation endpoints', async () => {
const secret = 'sk-test-secret-rotation-2222';
process.env.TEST_API_KEY = secret;
const provider = mod.addProvider(PROJECT_ROOT, {
name: 'Embed Provider',
type: 'openai',
apiKey: '${TEST_API_KEY}',
apiBase: undefined,
enabled: true,
});
// Ensure provider has an enabled embedding model.
mod.updateProvider(PROJECT_ROOT, provider.id, {
embeddingModels: [{
id: 'emb-1',
name: 'text-embedding-test',
type: 'embedding',
series: 'Test',
enabled: true,
}],
});
// Configure legacy rotation directly in the config file (avoid auto-sync side effects).
mkdirSync(CONFIG_DIR, { recursive: true });
const config = mod.loadLiteLLMApiConfig(PROJECT_ROOT);
config.codexlensEmbeddingRotation = {
enabled: true,
strategy: 'round_robin',
defaultCooldown: 60,
targetModel: 'text-embedding-test',
providers: [{
providerId: provider.id,
modelId: 'emb-1',
useAllKeys: true,
weight: 1.0,
maxConcurrentPerKey: 4,
enabled: true,
}],
};
writeFileSync(CONFIG_PATH, JSON.stringify(config, null, 2), 'utf8');
const { server, baseUrl } = await createServer(PROJECT_ROOT);
try {
const res = await requestJson(baseUrl, 'GET', '/api/litellm-api/codexlens/rotation/endpoints');
assert.equal(res.status, 200);
assert.ok(res.json?.endpoints);
assert.equal(res.text.includes(secret), false);
assert.equal(res.text.includes('${TEST_API_KEY}'), false);
assert.equal(res.text.includes('${'), false);
} finally {
await new Promise<void>((resolve) => server.close(() => resolve()));
}
});
it('stores env var references without persisting resolved secrets when available', () => {
const secret = 'sk-test-secret-storage-3333';
process.env.TEST_API_KEY = secret;
mod.addProvider(PROJECT_ROOT, {
name: 'Stored Provider',
type: 'openai',
apiKey: '${TEST_API_KEY}',
apiBase: undefined,
enabled: true,
});
const content = readFileSync(CONFIG_PATH, 'utf8');
assert.equal(content.includes('${TEST_API_KEY}'), true);
assert.equal(content.includes(secret), false);
});
it('does not write resolved secrets into ancillary files under CCW_DATA_DIR', () => {
const secret = 'sk-test-secret-storage-scan-4444';
process.env.TEST_API_KEY = secret;
mod.addProvider(PROJECT_ROOT, {
name: 'Stored Provider',
type: 'openai',
apiKey: '${TEST_API_KEY}',
apiBase: undefined,
enabled: true,
});
const files = listFilesRecursive(CCW_HOME);
assert.ok(files.length > 0);
for (const filePath of files) {
const content = readFileSync(filePath, 'utf8');
assert.equal(content.includes(secret), false);
}
});
it('writes config file with restrictive permissions where supported', () => {
mod.addProvider(PROJECT_ROOT, {
name: 'Perms Provider',
type: 'openai',
apiKey: 'sk-test-raw-key',
apiBase: undefined,
enabled: true,
});
const stat = statSync(CONFIG_PATH);
assert.equal(stat.isFile(), true);
if (process.platform === 'win32') return;
// Require no permissions for group/others (0600).
const mode = stat.mode & 0o777;
assert.equal(mode & 0o077, 0);
});
});

294
ccw/tests/security/csrf.test.ts Normal file
View File

@@ -0,0 +1,294 @@
/**
* Security regression tests for CSRF protection (DSC-006).
*
* Verifies:
* - State-changing API routes require a valid CSRF token (cookie/header/body)
* - Tokens are single-use and session-bound
* - CORS rejects non-localhost origins (browser-enforced via mismatched Allow-Origin)
* - Development bypass flag disables CSRF validation
*/
import { after, before, describe, it, mock } from 'node:test';
import assert from 'node:assert/strict';
import http from 'node:http';
import { mkdtempSync, rmSync } from 'node:fs';
import { tmpdir } from 'node:os';
import { join } from 'node:path';
type HttpResult = {
status: number;
body: string;
headers: http.IncomingHttpHeaders;
};
function httpRequest(options: http.RequestOptions, body?: string, timeout = 10000): Promise<HttpResult> {
return new Promise((resolve, reject) => {
const req = http.request(options, (res) => {
let data = '';
res.on('data', chunk => data += chunk);
res.on('end', () => resolve({ status: res.statusCode || 0, body: data, headers: res.headers }));
});
req.on('error', reject);
req.setTimeout(timeout, () => {
req.destroy();
reject(new Error('Request timeout'));
});
if (body) req.write(body);
req.end();
});
}
function updateCookieJar(jar: Record<string, string>, setCookie: string | string[] | undefined): void {
if (!setCookie) return;
const cookies = Array.isArray(setCookie) ? setCookie : [setCookie];
for (const cookie of cookies) {
const pair = cookie.split(';')[0]?.trim();
if (!pair) continue;
const [name, ...valueParts] = pair.split('=');
jar[name] = valueParts.join('=');
}
}
function cookieHeader(jar: Record<string, string>): string {
return Object.entries(jar)
.map(([name, value]) => `${name}=${value}`)
.join('; ');
}
function cloneJar(jar: Record<string, string>): Record<string, string> {
return { ...jar };
}
async function getDashboardSession(port: number): Promise<{ jar: Record<string, string>; csrfHeader: string | null }> {
const jar: Record<string, string> = {};
const res = await httpRequest({ hostname: '127.0.0.1', port, path: '/', method: 'GET' });
updateCookieJar(jar, res.headers['set-cookie']);
return { jar, csrfHeader: typeof res.headers['x-csrf-token'] === 'string' ? res.headers['x-csrf-token'] : null };
}
async function postNotify(port: number, jar: Record<string, string>, extraHeaders?: Record<string, string>, body?: unknown): Promise<HttpResult> {
const payload = body === undefined ? { type: 'REFRESH_REQUIRED', scope: 'all' } : body;
const encoded = JSON.stringify(payload);
return httpRequest(
{
hostname: '127.0.0.1',
port,
path: '/api/system/notify',
method: 'POST',
headers: {
'Content-Type': 'application/json',
...(Object.keys(jar).length ? { Cookie: cookieHeader(jar) } : {}),
...(extraHeaders ?? {}),
},
},
encoded,
);
}
const ORIGINAL_ENV = { ...process.env };
const serverUrl = new URL('../../dist/core/server.js', import.meta.url).href;
const csrfManagerUrl = new URL('../../dist/core/auth/csrf-manager.js', import.meta.url).href;
describe('security: CSRF protection', async () => {
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let serverMod: any;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let csrfMod: any;
let server: http.Server;
let port: number;
let projectRoot: string;
let ccwHome: string;
before(async () => {
projectRoot = mkdtempSync(join(tmpdir(), 'ccw-csrf-project-'));
ccwHome = mkdtempSync(join(tmpdir(), 'ccw-csrf-home-'));
process.env = { ...ORIGINAL_ENV, CCW_DATA_DIR: ccwHome };
serverMod = await import(serverUrl);
csrfMod = await import(csrfManagerUrl);
mock.method(console, 'log', () => {});
mock.method(console, 'error', () => {});
server = await serverMod.startServer({ initialPath: projectRoot, port: 0 });
const addr = server.address();
port = typeof addr === 'object' && addr ? addr.port : 0;
assert.ok(port > 0, 'Server should start on a valid port');
});
after(async () => {
await new Promise<void>((resolve) => server.close(() => resolve()));
mock.restoreAll();
process.env = ORIGINAL_ENV;
rmSync(projectRoot, { recursive: true, force: true });
rmSync(ccwHome, { recursive: true, force: true });
});
it('blocks POST requests without CSRF token', async () => {
const { jar } = await getDashboardSession(port);
delete jar['XSRF-TOKEN'];
const res = await postNotify(port, jar);
assert.equal(res.status, 403);
assert.ok(res.body.includes('CSRF validation failed'));
});
it('blocks POST requests with forged CSRF token', async () => {
const { jar } = await getDashboardSession(port);
jar['XSRF-TOKEN'] = 'forged-token';
const res = await postNotify(port, jar);
assert.equal(res.status, 403);
});
it('blocks expired CSRF tokens', async () => {
csrfMod.resetCsrfTokenManager();
csrfMod.getCsrfTokenManager({ tokenTtlMs: 1, cleanupIntervalMs: 0 });
const { jar } = await getDashboardSession(port);
await new Promise(resolve => setTimeout(resolve, 10));
const res = await postNotify(port, jar);
assert.equal(res.status, 403);
csrfMod.resetCsrfTokenManager();
});
it('blocks token reuse (single-use tokens)', async () => {
const { jar } = await getDashboardSession(port);
const oldToken = jar['XSRF-TOKEN'];
const first = await postNotify(port, jar);
assert.equal(first.status, 200);
updateCookieJar(jar, first.headers['set-cookie']);
// Try again using the old token explicitly (should fail).
const reuseJar = cloneJar(jar);
reuseJar['XSRF-TOKEN'] = oldToken;
const secondUse = await postNotify(port, reuseJar);
assert.equal(secondUse.status, 403);
});
it('blocks CSRF token theft across sessions', async () => {
const sessionA = await getDashboardSession(port);
const sessionB = await getDashboardSession(port);
const jar = cloneJar(sessionB.jar);
jar['XSRF-TOKEN'] = sessionA.jar['XSRF-TOKEN'];
const res = await postNotify(port, jar);
assert.equal(res.status, 403);
});
it('does not require CSRF on GET requests', async () => {
const { jar } = await getDashboardSession(port);
const res = await httpRequest({
hostname: '127.0.0.1',
port,
path: '/api/health',
method: 'GET',
headers: { Cookie: cookieHeader(jar) },
});
assert.equal(res.status, 200);
});
it('accepts CSRF token provided via cookie (legitimate flow)', async () => {
const { jar } = await getDashboardSession(port);
const res = await postNotify(port, jar);
assert.equal(res.status, 200);
});
it('accepts CSRF token provided via header', async () => {
const { jar } = await getDashboardSession(port);
const token = jar['XSRF-TOKEN'];
delete jar['XSRF-TOKEN'];
const res = await postNotify(port, jar, { 'X-CSRF-Token': token });
assert.equal(res.status, 200);
});
it('accepts CSRF token provided via request body', async () => {
const { jar } = await getDashboardSession(port);
const token = jar['XSRF-TOKEN'];
delete jar['XSRF-TOKEN'];
const res = await postNotify(port, jar, undefined, { type: 'REFRESH_REQUIRED', scope: 'all', csrfToken: token });
assert.equal(res.status, 200);
});
it('rotates CSRF token after successful POST', async () => {
const { jar } = await getDashboardSession(port);
const firstToken = jar['XSRF-TOKEN'];
const res = await postNotify(port, jar);
assert.equal(res.status, 200);
updateCookieJar(jar, res.headers['set-cookie']);
assert.notEqual(jar['XSRF-TOKEN'], firstToken);
});
it('allows localhost origins and rejects external origins (CORS)', async () => {
const allowedOrigin = `http://localhost:${port}`;
const allowed = await httpRequest({
hostname: '127.0.0.1',
port,
path: '/api/health',
method: 'GET',
headers: { Origin: allowedOrigin },
});
assert.equal(allowed.headers['access-control-allow-origin'], allowedOrigin);
assert.equal(allowed.headers['vary'], 'Origin');
const evilOrigin = 'http://evil.com';
const denied = await httpRequest({
hostname: '127.0.0.1',
port,
path: '/api/health',
method: 'GET',
headers: { Origin: evilOrigin },
});
assert.notEqual(denied.headers['access-control-allow-origin'], evilOrigin);
assert.equal(denied.headers['access-control-allow-origin'], `http://localhost:${port}`);
});
it('bypasses CSRF validation when CCW_DISABLE_CSRF=true', async () => {
process.env.CCW_DISABLE_CSRF = 'true';
const { jar } = await getDashboardSession(port);
delete jar['XSRF-TOKEN'];
const res = await postNotify(port, jar);
assert.equal(res.status, 200);
delete process.env.CCW_DISABLE_CSRF;
});
it('skips CSRF validation for Authorization header auth', async () => {
const tokenRes = await httpRequest({
hostname: '127.0.0.1',
port,
path: '/api/auth/token',
method: 'GET',
});
const parsed = JSON.parse(tokenRes.body) as { token: string };
assert.ok(parsed.token);
const res = await httpRequest(
{
hostname: '127.0.0.1',
port,
path: '/api/system/notify',
method: 'POST',
headers: {
Authorization: `Bearer ${parsed.token}`,
'Content-Type': 'application/json',
},
},
JSON.stringify({ type: 'REFRESH_REQUIRED', scope: 'all' }),
);
assert.equal(res.status, 200);
});
});

225
ccw/tests/security/path-traversal.test.ts Normal file
View File

@@ -0,0 +1,225 @@
/**
* Regression tests for path traversal protections (DSC-005).
*
* Focus:
* - Allowlist enforcement + boundary checks (no "/allowedness" bypass)
* - Symlink target re-validation via realpath
* - Non-existent path handling via parent-directory validation
*
* Notes:
* - Targets runtime implementation shipped in `ccw/dist`.
* - Uses stubbed fs + fs/promises to avoid touching real filesystem.
*/
import { after, before, beforeEach, describe, it } from 'node:test';
import assert from 'node:assert/strict';
import path from 'node:path';
import { createRequire } from 'node:module';
const require = createRequire(import.meta.url);
// eslint-disable-next-line @typescript-eslint/no-var-requires
const fsp = require('node:fs/promises') as typeof import('node:fs/promises');
// eslint-disable-next-line @typescript-eslint/no-var-requires
const fs = require('node:fs') as typeof import('node:fs');
// eslint-disable-next-line @typescript-eslint/no-var-requires
const os = require('node:os') as typeof import('node:os');
const pathValidatorUrl = new URL('../../dist/utils/path-validator.js', import.meta.url);
pathValidatorUrl.searchParams.set('t', String(Date.now()));
const pathResolverUrl = new URL('../../dist/utils/path-resolver.js', import.meta.url);
pathResolverUrl.searchParams.set('t', String(Date.now()));
const ORIGINAL_ENV = { ...process.env };
function resetEnv(): void {
for (const key of Object.keys(process.env)) {
if (!(key in ORIGINAL_ENV)) delete process.env[key];
}
for (const [key, value] of Object.entries(ORIGINAL_ENV)) {
process.env[key] = value;
}
}
function enoent(message: string): Error & { code: string } {
const err = new Error(message) as Error & { code: string };
err.code = 'ENOENT';
return err;
}
type RealpathPlan = Map<string, { type: 'return'; value: string } | { type: 'throw'; error: any }>;
const realpathPlan: RealpathPlan = new Map();
const realpathCalls: string[] = [];
const originalRealpath = fsp.realpath;
fsp.realpath = (async (p: string) => {
realpathCalls.push(p);
const planned = realpathPlan.get(p);
if (!planned) {
throw enoent(`ENOENT: no such file or directory, realpath '${p}'`);
}
if (planned.type === 'throw') throw planned.error;
return planned.value;
}) as any;
type FsState = {
existing: Set<string>;
realpaths: Map<string, string>;
};
const fsState: FsState = {
existing: new Set(),
realpaths: new Map(),
};
function key(filePath: string): string {
return path.resolve(filePath).replace(/\\/g, '/').toLowerCase();
}
function setExists(filePath: string, exists: boolean): void {
const normalized = key(filePath);
if (exists) fsState.existing.add(normalized);
else fsState.existing.delete(normalized);
}
function setRealpath(filePath: string, realPath: string): void {
fsState.realpaths.set(key(filePath), realPath);
}
const originalFs = {
existsSync: fs.existsSync,
realpathSync: fs.realpathSync,
};
fs.existsSync = ((filePath: string) => fsState.existing.has(key(filePath))) as any;
fs.realpathSync = ((filePath: string) => {
const mapped = fsState.realpaths.get(key(filePath));
return mapped ?? filePath;
}) as any;
const originalHomedir = os.homedir;
const TEST_HOME = path.join(process.cwd(), '.tmp-ccw-security-home');
os.homedir = () => TEST_HOME;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let pathValidator: any;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let pathResolver: any;
describe('security: path traversal regression', async () => {
const isWindows = process.platform === 'win32';
const allowedRoot = isWindows ? 'C:\\allowed' : '/allowed';
const disallowedRoot = isWindows ? 'C:\\secret' : '/secret';
before(async () => {
pathValidator = await import(pathValidatorUrl.href);
pathResolver = await import(pathResolverUrl.href);
});
beforeEach(() => {
realpathCalls.length = 0;
realpathPlan.clear();
fsState.existing.clear();
fsState.realpaths.clear();
resetEnv();
});
it('path-validator rejects traversal/absolute escapes before realpath', async () => {
process.env.CCW_PROJECT_ROOT = allowedRoot;
const allowedDirectories = [allowedRoot];
const vectors: Array<{ name: string; input: string }> = [
{ name: 'absolute outside allowlist', input: path.join(disallowedRoot, 'secret.txt') },
{ name: 'allowed prefix but different dir (allowedness)', input: `${allowedRoot}ness${isWindows ? '\\\\' : '/'}file.txt` },
{ name: 'allowed prefix but different dir (allowed-evil)', input: `${allowedRoot}-evil${isWindows ? '\\\\' : '/'}file.txt` },
{ name: 'absolute contains .. segment escaping allowlist', input: `${allowedRoot}${isWindows ? '\\\\' : '/'}..${isWindows ? '\\\\' : '/'}secret.txt` },
{ name: 'absolute multi-.. escaping allowlist', input: `${allowedRoot}${isWindows ? '\\\\' : '/'}sub${isWindows ? '\\\\' : '/'}..${isWindows ? '\\\\' : '/'}..${isWindows ? '\\\\' : '/'}secret.txt` },
{ name: 'relative traversal one level', input: `..${isWindows ? '\\\\' : '/'}secret.txt` },
{ name: 'relative traversal two levels', input: `..${isWindows ? '\\\\' : '/'}..${isWindows ? '\\\\' : '/'}secret.txt` },
{ name: 'mixed separators traversal', input: `sub${isWindows ? '/' : '/'}..${isWindows ? '\\\\' : '/'}..${isWindows ? '\\\\' : '/'}secret.txt` },
{ name: 'posix absolute escape', input: '/etc/passwd' },
{ name: 'encoded traversal (decoded once)', input: decodeURIComponent('%2e%2e%2f%2e%2e%2fetc%2fpasswd') },
{ name: 'double-encoded traversal (decoded twice)', input: decodeURIComponent(decodeURIComponent('%252e%252e%252f%252e%252e%252fetc%252fpasswd')) },
{ name: 'leading dot traversal', input: `.${isWindows ? '\\\\' : '/'}..${isWindows ? '\\\\' : '/'}secret.txt` },
{ name: 'nested traversal escape', input: 'sub/../../secret.txt' },
{ name: 'alt-drive absolute escape', input: isWindows ? 'D:\\\\secret\\\\file.txt' : '/var/secret/file.txt' },
{ name: 'UNC/extended path escape', input: isWindows ? '\\\\\\\\?\\\\C:\\\\secret\\\\file.txt' : '/private/secret/file.txt' },
];
for (const vector of vectors) {
await assert.rejects(
pathValidator.validatePath(vector.input, { allowedDirectories }),
(err: any) => err instanceof Error && err.message.includes('Access denied: path'),
vector.name,
);
}
assert.deepEqual(realpathCalls, []);
});
it('path-validator enforces directory-boundary allowlists', async () => {
process.env.CCW_PROJECT_ROOT = allowedRoot;
const allowedDirectories = [path.join(allowedRoot, 'dir')];
await assert.rejects(
pathValidator.validatePath(path.join(allowedRoot, 'dir-malicious', 'file.txt'), { allowedDirectories }),
(err: any) => err instanceof Error && err.message.includes('Access denied: path'),
);
const okPath = path.join(allowedRoot, 'dir', 'file.txt');
const resolvedOk = await pathValidator.validatePath(okPath, { allowedDirectories });
assert.equal(pathValidator.isPathWithinAllowedDirectories(resolvedOk, allowedDirectories), true);
});
it('path-validator rejects symlink targets outside allowlist', async () => {
const linkPath = path.join(allowedRoot, 'link.txt');
realpathPlan.set(linkPath, { type: 'return', value: path.join(disallowedRoot, 'target.txt') });
await assert.rejects(
pathValidator.validatePath(linkPath, { allowedDirectories: [allowedRoot] }),
(err: any) => err instanceof Error && err.message.includes('symlink target'),
);
});
it('path-validator rejects non-existent paths when the parent resolves outside allowlist', async () => {
const linkDir = path.join(allowedRoot, 'linkdir');
const newFile = path.join(linkDir, 'newfile.txt');
realpathPlan.set(newFile, { type: 'throw', error: enoent('missing') });
realpathPlan.set(linkDir, { type: 'return', value: disallowedRoot });
await assert.rejects(
pathValidator.validatePath(newFile, { allowedDirectories: [allowedRoot] }),
(err: any) => err instanceof Error && err.message.includes('parent directory'),
);
});
it('path-resolver validates baseDir before and after symlink resolution', () => {
const baseDir = allowedRoot;
setExists(baseDir, true);
const traversal = pathResolver.validatePath(`${baseDir}${isWindows ? '\\\\' : '/'}..${isWindows ? '\\\\' : '/'}secret`, { baseDir });
assert.equal(traversal.valid, false);
assert.ok(traversal.error?.includes('Path must be within'));
const linkPath = path.join(baseDir, 'link');
setExists(linkPath, true);
setRealpath(linkPath, disallowedRoot);
const symlinkEscape = pathResolver.validatePath(linkPath, { baseDir });
assert.equal(symlinkEscape.valid, false);
assert.ok(symlinkEscape.error?.includes('Path must be within'));
setExists(linkPath, true);
const symlinkParentEscape = pathResolver.validatePath(path.join(linkPath, 'newfile.txt'), { baseDir });
assert.equal(symlinkParentEscape.valid, false);
assert.ok(symlinkParentEscape.error?.includes('Path must be within'));
});
});
after(() => {
fsp.realpath = originalRealpath;
fs.existsSync = originalFs.existsSync;
fs.realpathSync = originalFs.realpathSync;
os.homedir = originalHomedir;
resetEnv();
});