Mike/ShieldAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FRE-4500: Fix security review findings (Critical/High/Medium/Low)

Browse Source 
- Critical #1: Add auth check to ingest endpoints (use request.user.id)
- Critical #2: Add IDOR protection on group endpoints (userId ownership)
- High #3: Register auth middleware in server.ts (populates request.user)
- High #4: Add Fastify schema validation to all route handlers
- Medium #5: Add NormalizedAlert/CorrelationGroup models to Prisma schema
- Medium #6: Sanitize payload storage in normalizer (depth limit, circular ref)
- Low #7: Restrict CORS origins (use CORS_ORIGIN env var)
Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Michael Freno
2026-05-02 16:40:01 -04:00
parent 274afa6335
commit 0afdf8b6e8
8 changed files with 132 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.turbo/cache/df8d582601d96e8d-meta.json vendored Normal file
View File

@@ -0,0 +1 @@
{"hash":"df8d582601d96e8d","duration":684,"sha":"274afa63352200107e5e3ed5a783555fe3c68e37","dirty_hash":"1b22568f1b7a3df274940e36b290211b3251b700c1e1286bc843ed3e00b07e05"}