ake/paperclip
1
0
Fork 0
mirror of https://github.com/alkimake/paperclip.git synced 2026-06-15 10:30:37 +09:00
Code Issues Projects Releases Packages Wiki Activity

Add board mutation guard middleware

Browse source 
Require trusted browser origin (Origin or Referer header) for
mutating requests from board actors, preventing cross-origin
mutation attempts against the local-trusted API.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Forgotten 2026-02-20 15:48:30 -06:00
parent 49e15f056d
commit 82da8739c1
3 changed files with 123 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
server/src/app.ts
View file

@ -6,6 +6,7 @@ import type { Db } from "@paperclip/db";
import type { StorageService } from "./storage/types.js";
import { httpLogger, errorHandler } from "./middleware/index.js";
import { actorMiddleware } from "./middleware/auth.js";
import { boardMutationGuard } from "./middleware/board-mutation-guard.js";
import { healthRoutes } from "./routes/health.js";
import { companyRoutes } from "./routes/companies.js";
import { agentRoutes } from "./routes/agents.js";
@ -33,6 +34,7 @@ export async function createApp(db: Db, opts: { uiMode: UiMode; storageService:
// Mount API routes
const api = Router();
api.use(boardMutationGuard());
api.use("/health", healthRoutes());
api.use("/companies", companyRoutes(db));
api.use(agentRoutes(db));