2386919998
CRITICAL SECURITY FIX - Prevents Cross-Site Request Forgery attacks Changes: - Installed csurf middleware (session-based tokens) - Added CSRF middleware to all /admin routes in src/index.js - Configured admin router to pass csrfToken to all views - Updated layout.ejs to send CSRF token with htmx requests - Added EJS view engine configuration - Added body parsing middleware (json + urlencoded) Security Impact: - Prevents malicious sites from executing admin actions using cookies - All POST requests now require valid CSRF token - Invalid tokens return 403 Forbidden - Session-based tokens (no cookies needed) Protected Routes: - /admin/servers/:id/sync (force whitelist sync) - /admin/servers/:id/toggle-whitelist (whitelist toggle) - /admin/grace/:id/extend (grace period extension) - /admin/grace/:id/manual (manual payment override) - /admin/roles/resync/:id (role assignment) Attack Scenario Prevented: User visits malicious site while logged into Trinity Console → Site tries to submit form to admin endpoint → Request includes session cookie but NO CSRF token → Server rejects with 403 Forbidden → Attack failed! Note: csurf is deprecated but still functional. For future refactor, consider csrf-csrf or Express 5 built-in protection. Refs: TRINITY-CONSOLE-PRE-LAUNCH-CHECKLIST.md - Fix #1 Chronicler: #51 Signed-off-by: Claude (Chronicler #51) <claude@firefrostgaming.com>
593 B
593 B