gristlabs_grist-core/app/server/lib
Paul Fitzpatrick bd6a54e901 (core) mitigate csrf by requiring custom header for unsafe methods
Summary:
For methods other than `GET`, `HEAD`, and `OPTIONS`, allow cookie-based authentication only if a certain custom header is present.

Specifically, we check that `X-Requested-With` is set to `XMLHttpRequest`. This is somewhat arbitrary, but allows us to use https://expressjs.com/en/api.html#req.xhr.

A request sent from a browser that sets a custom header will prompt a preflight check, giving us a chance to check if the origin is trusted.

This diff deals with getting the header in place. There will be more work to do after this:
 * Make sure that all important endpoints are checking origin.  Skimming code, /api endpoints check origin, and some but not all others do.
 * Add tests spot-testing origin checks.
 * Check on cases that authenticate differently.
    - Check the websocket endpoint - it can be connected to from an arbitrary site; there is per-doc access control but probably better to lock it down more.
    - There may be old endpoints that authenticate based on knowledge of a client id rather than cookies.

Test Plan: added a test

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2631
2020-10-08 14:19:25 -04:00
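The rule the commit message describes, as an added example that is not grist-core code: for methods other than `GET`, `HEAD` and `OPTIONS`, a request that relies on a session cookie is accepted only when it carries `X-Requested-With: XMLHttpRequest` (the same comparison Express performs for `req.xhr`). It is written against a minimal request/response shape so it runs without Express installed; the `hasCookieSession` flag, the 403 status and the error text are this example's assumptions, and the sample requests at the end are constructed, not captured from Grist.

```typescript
// Added example, not grist-core code: a cookie-auth CSRF gate following the
// rule in the commit message (unsafe methods need X-Requested-With:
// XMLHttpRequest). Written against a minimal request/response shape so it
// runs without Express installed; it plugs into Express unchanged.

const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

export interface MinimalRequest {
  method: string;
  headers: Record<string, string | string[] | undefined>;
  // Assumed flag (not a Grist field): true when the request authenticated
  // with a session cookie rather than some other credential.
  hasCookieSession?: boolean;
}

export interface MinimalResponse {
  status(code: number): { json(body: unknown): void };
}

// Same test Express performs for req.xhr: the header value compared
// case-insensitively to "XMLHttpRequest".
export function isXhr(req: MinimalRequest): boolean {
  const raw = req.headers['x-requested-with'];
  const value = Array.isArray(raw) ? raw[0] : raw;
  return typeof value === 'string' && value.toLowerCase() === 'xmlhttprequest';
}

// Safe methods may always use the cookie; unsafe ones only with the header.
// A cross-site <form> or <img> cannot add the header, and a cross-site
// fetch/XHR that adds it becomes a non-simple request, so the browser sends
// a CORS preflight that the server can refuse.
export function cookieAuthAllowed(req: MinimalRequest): boolean {
  if (SAFE_METHODS.has(req.method.toUpperCase())) return true;
  return isXhr(req);
}

// Express-style middleware. The 403 status and message are this example's
// choice, not Grist's. Requests that did not use a cookie (for example an
// API key in a header, which a cross-site form cannot set) pass untouched.
export function requireHeaderForCookieAuth(
  req: MinimalRequest, res: MinimalResponse, next: () => void,
): void {
  if (req.hasCookieSession && !cookieAuthAllowed(req)) {
    res.status(403).json({error: 'unsafe cross-site request: X-Requested-With header required'});
    return;
  }
  next();
}

// Drive the middleware with a stub response and return the resulting status
// (200 when next() was called).
export function gateStatus(req: MinimalRequest): number {
  let status = 200;
  const res: MinimalResponse = {
    status(code) { status = code; return {json() { /* body discarded */ }}; },
  };
  requireHeaderForCookieAuth(req, res, () => { status = 200; });
  return status;
}

// Constructed requests standing in for what a browser or API client would send.
export const crossSiteFormPost: MinimalRequest = {
  method: 'POST',
  headers: {'content-type': 'application/x-www-form-urlencoded'},
  hasCookieSession: true,
};
export const sameSiteXhrPost: MinimalRequest = {
  method: 'POST',
  headers: {'x-requested-with': 'XMLHttpRequest'},
  hasCookieSession: true,
};
export const apiKeyPost: MinimalRequest = {
  method: 'POST',
  headers: {authorization: 'Bearer example-key'},
  hasCookieSession: false,
};
export const cookieGet: MinimalRequest = {
  method: 'GET',
  headers: {},
  hasCookieSession: true,
};
```

The gate only does what the commit describes: it does not inspect `Origin`, so its protection rests on the browser refusing to send the custom header cross-site without a successful preflight. That holds only if the server never answers a preflight for an untrusted origin with `Access-Control-Allow-Origin` plus `Access-Control-Allow-Credentials: true`; the per-endpoint origin checks and the websocket endpoint that the commit lists as follow-up work are what close that side.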
ActionHistory.ts (core) When parsing ActionHistory into ActionGroups, avoid keeping many large actions in memory. 2020-09-19 20:45:33 -04:00
ActionHistoryImpl.ts (core) When parsing ActionHistory into ActionGroups, avoid keeping many large actions in memory. 2020-09-19 20:45:33 -04:00
ActionSummary.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ActiveDoc.ts (core) When parsing ActionHistory into ActionGroups, avoid keeping many large actions in memory. 2020-09-19 20:45:33 -04:00
ActiveDocImport.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
AppEndpoint.ts (core) back-end support for tables that are accessible only by owners 2020-09-14 18:05:27 -04:00
Authorizer.ts (core) mitigate csrf by requiring custom header for unsafe methods 2020-10-08 14:19:25 -04:00
BrowserSession.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
checksumFile.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
Client.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
Comm.js (core) move home server into core 2020-07-21 20:39:10 -04:00
dbUtils.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
DocApi.ts (core) add more detail to /compare endpoint 2020-09-18 16:31:29 -04:00
DocClients.ts (core) back-end support for tables that are accessible only by owners 2020-09-14 18:05:27 -04:00
DocManager.ts (core) remove metrics 2020-09-29 18:57:56 -04:00
DocPluginData.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
DocPluginManager.ts (core) make user role available in ActiveDoc methods 2020-09-02 14:46:15 -04:00
DocSession.ts (core) back-end support for tables that are accessible only by owners 2020-09-14 18:05:27 -04:00
DocSnapshots.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
DocStorage.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
DocStorageManager.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
docUtils.d.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
docUtils.js (core) move home server into core 2020-07-21 20:39:10 -04:00
DocWorker.ts (core) make user role available in ActiveDoc methods 2020-09-02 14:46:15 -04:00
DocWorkerMap.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ExpandedQuery.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
expressWrap.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ExternalStorage.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
extractOrg.ts (core) add a deployment test for Import-from-URL, and fix underlying issue 2020-07-23 11:26:16 -04:00
FileParserElement.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
FlexServer.ts (core) mitigate csrf by requiring custom header for unsafe methods 2020-10-08 14:19:25 -04:00
GranularAccess.ts (core) With ?aclUI=1 in the URL, UserManager for documents includes a button to open 'Access Rules' 2020-09-29 23:15:20 -04:00
GristServer.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
gristSessions.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
guessExt.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
HashUtil.ts (core) add more detail to /compare endpoint 2020-09-18 16:31:29 -04:00
HostedMetadataManager.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
HostedStorageManager.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
IBilling.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ICreate.ts (core) fix invite links and add tests with APP_HOME_URL set 2020-10-06 21:51:40 -04:00
IDocStorageManager.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
idUtils.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
IElectionStore.ts (core) move some material to core that slipped through in a rebase 2020-07-23 11:29:05 -04:00
IInstanceManager.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ILoginSession.ts (core) move client code to core 2020-10-02 13:24:21 -04:00
INotifier.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ISandbox.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
IShell.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ITestingHooks-ti.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ITestingHooks.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
log.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
manifest.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
NSandbox.ts (core) move data engine code to core 2020-07-29 08:57:25 -04:00
OnDemandActions.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
Permit.ts (core) move some material to core that slipped through in a rebase 2020-07-23 11:29:05 -04:00
places.ts (core) fix docker packaging after core shuffle 2020-07-22 14:45:42 -04:00
PluginEndpoint.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
PluginManager.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
requestUtils.ts (core) back-end support for tables that are accessible only by owners 2020-09-14 18:05:27 -04:00
SafePythonComponent.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
sandboxUtil.js (core) move home server into core 2020-07-21 20:39:10 -04:00
sendAppPage.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ServerColumnGetters.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
serverUtils.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
Sessions.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
Sharing.ts (core) make user role available in ActiveDoc methods 2020-09-02 14:46:15 -04:00
shortDesc.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
shutdown.js (core) move home server into core 2020-07-21 20:39:10 -04:00
SQLiteDB.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
TagChecker.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
TestingHooks.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
Throttle.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
TimeQuery.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
UnsafeNodeComponent.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
uploads.ts (core) mitigate csrf by requiring custom header for unsafe methods 2020-10-08 14:19:25 -04:00
WorkCoordinator.ts (core) move home server into core 2020-07-21 20:39:10 -04:00