fix: comprehensive security hardening and bug fixes across all codebases #1299
Closed
eren-karakus0 wants to merge 1 commit into eigent-ai:main from
Server (8 fixes):
- Prevent reflected XSS in redirect callback via html.escape
- Fix KeyError crash in MCP install using .get() with defaults
- Add IDOR protection to GET/DELETE /mcp/users endpoints
- Block login for users with Status.Block in both password and OAuth flows
- Guard auth_must against None tokens and deleted users
- Add missing total_failed_tasks key to grouped history defaultdict
- Prevent path traversal in snapshot image save via regex + realpath check

Electron (5 fixes):
- Enable code signature verification for auto-updater
- Add escapeHtml utility to sanitize xlsx/csv/pptx parser output
- Fix event listener accumulation in update download flow
- Replace shell.openPath with shell.showItemInFolder for directories
- Redact OAuth tokens from log output

Frontend (5 fixes):
- Guard against division by zero in task progress calculation
- Sanitize dangerouslySetInnerHTML with DOMPurify in input and textarea
- Replace Math.random with crypto.getRandomValues for ID generation
- Remove VITE_STACK_SECRET_SERVER_KEY from client-side hasStackKeys check

Backend (4 fixes):
- Add threading.Lock mutex to protect task_locks from race conditions
- Use tempfile.mkstemp for unique temp files in cookie manager
- Reject absolute paths in sanitize_env_path to prevent traversal
- Add remove_state() method to OAuthStateManager for proper lock usage

Includes 43 new tests covering all fixes across pytest and vitest.
bytecii
reviewed
Feb 19, 2026
Collaborator
bytecii
left a comment
Can you split the pr? Thanks.
Contributor
Author
Closed in favor of split PRs as requested:
Each PR is now scoped to a single codebase for easier review.
Summary
Comprehensive security audit and bug fix pass across all four codebases (server, electron, frontend, backend). This PR addresses 22 issues including XSS vulnerabilities, IDOR access control gaps, authentication bypasses, race conditions, path traversal vectors, and runtime crashes.
Server Fixes (8)
- code parameter injected unescaped into HTML response. Fixed with html.escape().
- .get() defaults.
- user_id ownership filter allows any authenticated user to read other users' MCP configs. Added McpUser.user_id == user_id filter.
- by_password and dev_login endpoints don't check Status.Block. Added status check to both.
- oauth2_scheme(auto_error=False) can pass None token, causing unhandled exception. Added None guard + user existence check.
- defaultdict factory missing total_failed_tasks key. Added with default 0.
- api_task_id used directly in os.path.join without sanitization. Added regex whitelist + realpath boundary check.

Electron Fixes (5)
- verifyUpdateCodeSignature was set to false, allowing unsigned updates. Changed to true.
- escapeHtml() utility function.
- startDownload adds new listeners each call without cleanup, causing memory leaks. Added removeAllListeners() + .once().
- shell.openPath() executes files; changed to shell.showItemInFolder() for directory reveal.
- [REDACTED].

Frontend Fixes (5)
- taskProgress calculation crashes when taskRunning is empty. Added denominator === 0 guard.
- input.tsx and textarea.tsx render user-influenced HTML without sanitization. Wrapped with DOMPurify.sanitize().
- generateUniqueId() used Math.random(). Replaced with crypto.getRandomValues().
- hasStackKeys() checked VITE_STACK_SECRET_SERVER_KEY, leaking server secret to browser bundle. Removed.

Backend Fixes (4)
- task_locks dict accessed from multiple threads without synchronization. Added threading.Lock mutex to create_task_lock and get_or_create_task_lock.
- cookie_manager used fixed .tmp suffix, vulnerable to symlink attacks. Replaced with tempfile.mkstemp().
- sanitize_env_path accepted absolute paths that could escape ~/.eigent. Now rejects all absolute paths outright.
- tool_controller.py accessed _states dict directly, bypassing the threading lock. Added remove_state() method.

Test Plan
- server/tests/test_security_fixes.py)
- backend/tests/app/service/test_task_lock_mutex.py)
- backend/tests/app/utils/test_oauth_state_manager.py)
- backend/tests/app/utils/test_cookie_manager.py)
- backend/tests/app/component/test_environment.py)
- test/unit/lib/securityFixes.test.ts)
- test/unit/electron/fileReader.test.ts)
- test/unit/store/chatStore-divisionByZero.test.ts)

Total: 43 new tests across pytest and vitest
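
The "regex whitelist + realpath boundary check" named in the server fixes for api_task_id, as an added Python example that is not code from this PR. The function names, the whitelist pattern and the directory layout are assumptions; it shows why both checks are needed, since a symlink inside the snapshot directory passes the regex but fails the boundary check.

```python
import os
import re
import tempfile

# Assumed whitelist; the PR text does not show the pattern it uses.
TASK_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")


def snapshot_dir(base_dir: str, api_task_id: str) -> str:
    """Return the resolved directory for a task's snapshots, or raise ValueError."""
    # Check 1: whitelist. fullmatch rejects separators, "..", empty ids
    # and trailing newlines that a "$"-anchored match would let through.
    if not TASK_ID_RE.fullmatch(api_task_id):
        raise ValueError("invalid task id")
    # Check 2: resolve symlinks on both sides, then confirm containment.
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, api_task_id))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes snapshot directory")
    return target


def check(base_dir: str, api_task_id: str) -> str:
    try:
        snapshot_dir(base_dir, api_task_id)
        return "ok"
    except ValueError as exc:
        return str(exc)


def demo() -> dict:
    """Run the check against constructed inputs in a throwaway directory."""
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "snapshots")
        outside = os.path.join(root, "outside")
        os.makedirs(base)
        os.makedirs(outside)
        # Constructed case: a whitelisted name that is a symlink out of base.
        os.symlink(outside, os.path.join(base, "task_link"))
        ids = ["task_123", "../outside", "/etc", "task_link", ""]
        return {i: check(base, i) for i in ids}


if __name__ == "__main__":
    for task_id, verdict in demo().items():
        print(repr(task_id), "->", verdict)
```
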