molecule-core

History

Molecule AI Core-DevOps 4474ddc189 fix(workspace): add SSRF validation before writing external workspace URL Issue #212: POST /workspaces with runtime=external and a URL wrote the URL directly to the DB without validateAgentURL checking (the same check that registry.go:324 applies to the heartbeat path). An attacker with AdminAuth could register a workspace URL at a cloud metadata endpoint (169.254.169.254) and exfiltrate IAM credentials when the platform fires pre-restart drain signals. Changes: - workspace.go: add validateAgentURL(payload.URL) guard before the UPDATE at line 386. 400 on unsafe URL, no DB write occurs. - workspace_test.go: add 3 regression tests: - TestWorkspaceCreate_ExternalURL_SSRFSafe: safe public URL → 201 - TestWorkspaceCreate_ExternalURL_SSRFMetadataBlocked: 169.254.169.254 → 400 - TestWorkspaceCreate_ExternalURL_SSRFLoopbackBlocked: 127.0.0.1 → 400 Both unsafe tests assert zero DB calls (the handler rejects before any transaction). Ref: issue #212. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>		2026-05-10 02:30:18 +00:00
..
artifacts
buildinfo
bundle
channels
crypto
db
envx
events
handlers	fix(workspace): add SSRF validation before writing external workspace URL	2026-05-10 02:30:18 +00:00
imagewatch
memory
messagestore
metrics
middleware	docs(ratelimit): tighten dev-mode comment after keyFor refactor	2026-05-07 14:57:21 -07:00
models
orgtoken
pendinguploads	fix(test): poll error counter to 0 before asserting in RecordsMetricsOnSuccess	2026-05-09 23:27:19 +00:00
plugins	feat(plugins): plugin drift detector + queue + admin apply endpoint (#123 )	2026-05-10 00:39:50 +00:00
provisioner	tech-debt: rename molecule-monorepo-net -> molecule-core-net	2026-05-09 20:51:48 +00:00
provlog
registry	chore: reconcile main → staging post-suspension divergence	2026-05-07 14:24:37 -07:00
router	feat(plugins): plugin drift detector + queue + admin apply endpoint (#123 )	2026-05-10 00:39:50 +00:00
scheduler
supervised
textutil
ws
wsauth