All four WebSocket security and AI-trigger issues (#134, #136, #138, …#230
Merged
@harystyleseze Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀
Summary
Resolves four audit findings in the agent WebSocket server.
Changes
#134 — Authorize userId ownership on WebSocket
Extracted validateUserId() (pure function) to reject empty/whitespace-only strings, strings over 128 chars, and strings with ASCII control characters. Connection handler now returns 4000 for invalid userId and 4001 if that userId already has an active session, preventing silent session overwrite.
#136 — Add WebSocket origin allowlist
Added ALLOWED_ORIGINS env variable (comma-separated, defaults to http://localhost:3000). NotificationServer now accepts an allowedOrigins option and passes verifyClient to the underlying WebSocketServer. Non-browser clients (no Origin header) are always accepted. Empty list = allow all (dev/test mode).
#138 — Send proactive messages only to target user
Removed the (notificationServer as unknown as {...}).clients type-unsafe cast and the broadcastMessage() call that was sending one user's AI-generated financial data (balance, shortfall, contribution amounts) to every connected client. Replaced with notificationServer.sendMessage(goal.userId, ...) using the now-public targeted send method.
#141 — Wire AI proactive trigger into monitoring loop
triggerProactiveMessage was defined but never called. The monitoring loop in startMonitoring() now accepts an optional aiTrigger callback via NotificationServerOptions. When set, falling-behind goals receive an AI-generated Gemini message instead of the built-in template. hasNotified is set before the async call to prevent re-entry on the next 5-minute tick.
Test plan
npm run build passes with no TypeScript errors
npm run test — 65 tests across 7 suites, all pass
websocket-server.test.ts covers validateUserId (13 cases) and isOriginAllowed (8 cases)
env.test.ts covers parseAllowedOrigins (6 cases) and ALLOWED_ORIGINS in validateEnv
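As an added example (not the project's code), the #134 and #136 checks described above, reimplemented as pure functions. The names validateUserId, parseAllowedOrigins and isOriginAllowed come from the test plan; makeVerifyClient, the argument shapes, and the case normalisation of origins are assumptions.

```typescript
// Added example: illustrative re-implementation of the checks the PR describes
// (not the project's code). Names, signatures and normalisation are assumed.

const MAX_USER_ID_LENGTH = 128;
// ASCII control characters: C0 range 0x00-0x1F plus DEL 0x7F.
const CONTROL_CHARS = /[\x00-\x1F\x7F]/;

// #134: pure check; the connection handler closes with 4000 when this is false.
export function validateUserId(userId: unknown): boolean {
  if (typeof userId !== "string") return false;
  if (userId.trim().length === 0) return false;         // empty or whitespace-only
  if (userId.length > MAX_USER_ID_LENGTH) return false; // over 128 chars
  if (CONTROL_CHARS.test(userId)) return false;         // ASCII control characters
  return true;
}

export const DEFAULT_ALLOWED_ORIGINS = "http://localhost:3000";

// #136: ALLOWED_ORIGINS is comma-separated; an unset variable falls back to the
// default, while an explicitly empty value yields an empty list (allow-all dev/test mode).
export function parseAllowedOrigins(raw: string | undefined): string[] {
  const value = raw === undefined ? DEFAULT_ALLOWED_ORIGINS : raw;
  const origins = value
    .split(",")
    .map((o) => o.trim().toLowerCase()) // scheme and host are case-insensitive (assumed)
    .filter((o) => o.length > 0);
  return Array.from(new Set(origins));
}

// #136: no Origin header means a non-browser client, which is always accepted;
// an empty allowlist accepts everything; otherwise exact match against the list.
export function isOriginAllowed(origin: string | undefined, allowed: string[]): boolean {
  if (origin === undefined) return true;
  if (allowed.length === 0) return true;
  return allowed.includes(origin.toLowerCase());
}

// Adapter in the shape ws hands to verifyClient: info.origin is the raw Origin
// header value (undefined when absent). Only that field is used here (assumed).
export function makeVerifyClient(allowed: string[]) {
  return (info: { origin?: string }): boolean => isOriginAllowed(info.origin, allowed);
}
```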