65e95a458d
- Мульти-провайдер: PAPAYU_LLM_PROVIDERS — сбор планов от нескольких ИИ (Claude, OpenAI), агрегация - Тренды дизайна и иконок: вкладка в модалке, поиск по безопасным доменам (Tavily include_domains) - Snyk Code: PAPAYU_SNYK_SYNC, REST API issues → snyk_findings в agent-sync - Documatic: architecture_summary из .papa-yu/architecture.md в agent-sync - Личная автоматизация: capability personal-automation (терминал git/npm/cargo, открытие URL) - agent_sync расширен: snyk_findings, architecture_summary; analyze_project_cmd и run_batch пишут sync - Документация: SNYK_AND_DOCUMATIC_SYNC.md, SECURITY_AND_PERSONAL_AUTOMATION.md, обновлён CLAUDE_AND_AGENT_SYNC Co-authored-by: Cursor <cursoragent@cursor.com>
30 lines
770 B
Markdown
30 lines
770 B
Markdown
# ADR-003: Centralized Network Access and SSRF Protection
|
|
|
|
## Context
|
|
|
|
The application performs external fetch operations based on user or LLM input. Uncontrolled network access introduces SSRF and data exfiltration risks.
|
|
|
|
## Decision
|
|
|
|
All network access must go through a single module (`net`) with explicit safety controls.
|
|
|
|
## Controls
|
|
|
|
- Allowlisted schemes (http, https)
|
|
- Deny private and loopback IP ranges (RFC1918, link-local)
|
|
- Request size limit (1 MB)
|
|
- Timeout (15 s)
|
|
- Reject URL with `user:pass@`
|
|
|
|
## Consequences
|
|
|
|
**Positive:**
|
|
|
|
- Eliminates a large class of security vulnerabilities
|
|
- Centralized policy enforcement
|
|
|
|
**Negative:**
|
|
|
|
- Less flexibility for ad-hoc network calls
|
|
- Requires discipline when adding new features
|