security: SESSION_COOKIE_SECURE + nginx IP validation #3

Open
profit wants to merge 0 commits from security/session-cookie-and-nginx-ip-guard into main
Owner

Two hardening fixes from a fresh security pass:

  • SESSION_COOKIE_SECURE=True (was only HTTPONLY+SAMESITE)
  • _nginx_ban validates IP via ipaddress.ip_address before writing the nginx deny rule (config-injection guard at the sink)

Verified: py_compile clean; guard rejects injection payloads.

Two hardening fixes from a fresh security pass: - SESSION_COOKIE_SECURE=True (was only HTTPONLY+SAMESITE) - _nginx_ban validates IP via ipaddress.ip_address before writing the nginx deny rule (config-injection guard at the sink) Verified: py_compile clean; guard rejects injection payloads.
profit added 1 commit 2026-06-21 03:45:03 +00:00
Two hardening fixes from a fresh security pass of the live code:

- SESSION_COOKIE_SECURE=True: the session cookie set only HTTPONLY +
  SAMESITE=Lax, so it could be sent over plaintext HTTP. App is served
  behind nginx TLS, so no functional downside.
- _nginx_ban: validate the IP with ipaddress.ip_address() before
  interpolating it into the nginx deny file. A malformed value could
  otherwise inject nginx directives at the last write before reload.
  Guard sits at the sink, covering all current and future callers.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Author
Owner

ℹ️ Gitea merged this (commit 86b3093) but its PR-status queue is stalled so the badge still shows 'open' — it IS merged into main.

ℹ️ Gitea merged this (commit 86b3093) but its PR-status queue is stalled so the badge still shows 'open' — it IS merged into main.
This branch is already included in the target branch. There is nothing to merge.

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin security/session-cookie-and-nginx-ip-guard:security/session-cookie-and-nginx-ip-guard
git checkout security/session-cookie-and-nginx-ip-guard
Sign in to join this conversation.
No Reviewers
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: profit/llm-team-ui#3
No description provided.