Merge pull request 'fix(workspace): complete OFFSEC-003 fix — promote full sanitization to main' (#433) from fix/offsec-003-promote-to-main into main
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Successful in 16s
Secret scan / Scan diff for credential-shaped strings (push) Successful in 11s
E2E API Smoke Test / detect-changes (push) Successful in 57s
CI / Detect changes (push) Successful in 1m0s
E2E Staging Canvas (Playwright) / detect-changes (push) Successful in 54s
Handlers Postgres Integration / detect-changes (push) Successful in 51s
Runtime PR-Built Compatibility / detect-changes (push) Successful in 48s
publish-runtime-autobump / autobump-and-tag (push) Failing after 1m28s
Sweep stale e2e-* orgs (staging) / Sweep e2e orgs (push) Successful in 6s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Successful in 13s
CI / Shellcheck (E2E scripts) (push) Successful in 8s
CI / Platform (Go) (push) Successful in 9s
CI / Canvas (Next.js) (push) Successful in 11s
E2E API Smoke Test / E2E API Smoke Test (push) Successful in 8s
Handlers Postgres Integration / Handlers Postgres Integration (push) Successful in 9s
Canary — staging SaaS smoke (every 30 min) / Canary smoke (push) Failing after 4m33s
CI / Canvas Deploy Reminder (push) Has been skipped
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Successful in 3m27s
main-red-watchdog / watchdog (push) Successful in 46s
CI / Python Lint & Test (push) Has been cancelled
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Failing after 4m48s
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Successful in 16s
Secret scan / Scan diff for credential-shaped strings (push) Successful in 11s
E2E API Smoke Test / detect-changes (push) Successful in 57s
CI / Detect changes (push) Successful in 1m0s
E2E Staging Canvas (Playwright) / detect-changes (push) Successful in 54s
Handlers Postgres Integration / detect-changes (push) Successful in 51s
Runtime PR-Built Compatibility / detect-changes (push) Successful in 48s
publish-runtime-autobump / autobump-and-tag (push) Failing after 1m28s
Sweep stale e2e-* orgs (staging) / Sweep e2e orgs (push) Successful in 6s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Successful in 13s
CI / Shellcheck (E2E scripts) (push) Successful in 8s
CI / Platform (Go) (push) Successful in 9s
CI / Canvas (Next.js) (push) Successful in 11s
E2E API Smoke Test / E2E API Smoke Test (push) Successful in 8s
Handlers Postgres Integration / Handlers Postgres Integration (push) Successful in 9s
Canary — staging SaaS smoke (every 30 min) / Canary smoke (push) Failing after 4m33s
CI / Canvas Deploy Reminder (push) Has been skipped
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Successful in 3m27s
main-red-watchdog / watchdog (push) Successful in 46s
CI / Python Lint & Test (push) Has been cancelled
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Failing after 4m48s
This commit is contained in:
commit
c2048f5d8a
@ -167,12 +167,19 @@ async def _delegate_sync_via_polling(
|
||||
break
|
||||
if terminal:
|
||||
if (terminal.get("status") or "").lower() == "completed":
|
||||
return terminal.get("response_preview") or ""
|
||||
err = (
|
||||
# OFFSEC-003: sanitize response_preview before returning so
|
||||
# boundary markers injected by a malicious peer cannot escape
|
||||
# the trust boundary.
|
||||
return sanitize_a2a_result(terminal.get("response_preview") or "")
|
||||
# OFFSEC-003: sanitize error_detail / summary before wrapping with
|
||||
# the _A2A_ERROR_PREFIX sentinel so injected markers cannot appear
|
||||
# inside the trusted error block returned to the agent.
|
||||
err_raw = (
|
||||
terminal.get("error_detail")
|
||||
or terminal.get("summary")
|
||||
or "delegation failed"
|
||||
)
|
||||
err = sanitize_a2a_result(err_raw)
|
||||
return f"{_A2A_ERROR_PREFIX}{err}"
|
||||
|
||||
await asyncio.sleep(_SYNC_POLL_INTERVAL_S)
|
||||
@ -408,12 +415,11 @@ async def tool_check_task_status(
|
||||
# Filter by delegation_id
|
||||
matching = [d for d in delegations if d.get("delegation_id") == task_id]
|
||||
if matching:
|
||||
entry = dict(matching[0])
|
||||
# OFFSEC-003: sanitize peer-generated text fields
|
||||
for field in ("result", "response_preview"):
|
||||
if field in entry and entry[field]:
|
||||
entry[field] = sanitize_a2a_result(str(entry[field]))
|
||||
return json.dumps(entry)
|
||||
# OFFSEC-003: sanitize peer-supplied fields
|
||||
d = matching[0]
|
||||
d["summary"] = sanitize_a2a_result(d.get("summary", ""))
|
||||
d["response_preview"] = sanitize_a2a_result(d.get("response_preview", ""))
|
||||
return json.dumps(d)
|
||||
return json.dumps({"status": "not_found", "delegation_id": task_id})
|
||||
# Return all recent delegations
|
||||
summary = []
|
||||
@ -425,7 +431,7 @@ async def tool_check_task_status(
|
||||
"delegation_id": d.get("delegation_id", ""),
|
||||
"target_id": d.get("target_id", ""),
|
||||
"status": d.get("status", ""),
|
||||
"summary": d.get("summary", ""),
|
||||
"summary": sanitize_a2a_result(d.get("summary", "")),
|
||||
"response_preview": preview,
|
||||
})
|
||||
return json.dumps({"delegations": summary, "count": len(delegations)})
|
||||
|
||||
Loading…
Reference in New Issue
Block a user