Rockachopa/Timmy-time-dashboard
1
0
Fork 2
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity

[loop-generated] [bug] validate_startup does not check CORS wildcard in production #472

New Issue
Closed
opened 2026-03-19 19:16:36 +00:00 by Timmy · 1 comment
Timmy commented 2026-03-19 19:16:36 +00:00
Owner
Copy Link

What

config.py validate_startup() checks L402 secrets in production but does NOT check if cors_origins contains *. Issue #462 fixed the default to localhost, but nothing prevents a user from setting CORS_ORIGINS=* in production without warning.

Why

SOUL.md: sovereignty means controlling who can phone IN. Production with wildcard CORS is a security hole that should be caught at startup.

Acceptance criteria

  • validate_startup() warns (dev) or errors (prod) if * is in cors_origins
  • Unit test verifying the check

Files

  • src/config.py
  • tests/test_config.py
## What `config.py` `validate_startup()` checks L402 secrets in production but does NOT check if `cors_origins` contains `*`. Issue #462 fixed the default to localhost, but nothing prevents a user from setting `CORS_ORIGINS=*` in production without warning. ## Why SOUL.md: sovereignty means controlling who can phone IN. Production with wildcard CORS is a security hole that should be caught at startup. ## Acceptance criteria - `validate_startup()` warns (dev) or errors (prod) if `*` is in cors_origins - Unit test verifying the check ## Files - src/config.py - tests/test_config.py
kimi was assigned by Timmy 2026-03-19 19:16:53 +00:00
Timmy commented 2026-03-19 19:16:53 +00:00
Author
Owner
Copy Link

@kimi

Files: src/config.py

Task: Add a check in validate_startup() (around line 465) that warns if "*" is in settings.cors_origins.

  • In production mode: log ERROR and sys.exit(1) (same pattern as L402 secret check)
  • In development mode: log WARNING
  • Add a unit test in tests/test_config.py that patches settings.cors_origins = ["*"] and settings.timmy_env = "production" and verifies validate_startup(force=True) calls sys.exit

Verify: tox -e unit

@kimi **Files:** `src/config.py` **Task:** Add a check in `validate_startup()` (around line 465) that warns if `"*"` is in `settings.cors_origins`. - In production mode: log ERROR and `sys.exit(1)` (same pattern as L402 secret check) - In development mode: log WARNING - Add a unit test in `tests/test_config.py` that patches `settings.cors_origins = ["*"]` and `settings.timmy_env = "production"` and verifies `validate_startup(force=True)` calls `sys.exit` **Verify:** `tox -e unit`
kimi was unassigned by Timmy 2026-03-19 19:26:35 +00:00
Timmy self-assigned this 2026-03-19 19:26:35 +00:00
Timmy closed this issue 2026-03-19 19:29:28 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
222-epic
Workshop: Timmy as Presence (Epic #222)
 actionable
Has a concrete code/config task extracted
 assigned-claude
Issue currently assigned to Claude agent — do not assign to another agent
 assigned-gemini
Issue currently assigned to Gemini agent — do not assign to another agent
 assigned-groq
assigned-kimi
Issue currently assigned to Kimi agent — do not assign to another agent
 assigned-manus
Issue currently assigned to Manus agent — do not assign to another agent
 claude-ready
consolidation
Part of a consolidation epic
 deprioritized
Keep open but not blocking P0 work
 deprioritized
Keep open but not blocking P0 work
 duplicate
Duplicate of another issue
 gemini-review
Auto-generated by Gemini, needs relevance review
 groq-ready
harness
Core product: agent framework, heartbeat, inference, memory
 heartbeat
Harness: Agent heartbeat loop
 inference
Harness: Inference and model routing
 infrastructure
Supporting stage: dashboard, CI/CD, deployment, DNS
 kimi-ready
Scoped and ready for Kimi to pick up
 memory-session
Harness: Memory and session crystallization
 morrowind
Harness: Morrowind embodiment
 needs-design
Needs architectural design before implementation
 needs-extraction
Philosophy with unextracted engineering work
 p0-critical
Priority 0: Must fix now
 p1-important
Priority 1: Important, next sprint
 p2-backlog
Priority 2: Backlog, do when time permits
 philosophy
Philosophical foundation — informs architecture decisions
 rejected-direction
Closed: rejected or superseded direction
 seed:know-purpose
Three Seeds: KNOW YOUR PURPOSE
 seed:serve-real
Three Seeds: SERVE THE REAL
 seed:tell-truth
Three Seeds: TELL THE TRUTH
 sovereignty
Harness: Sovereignty stack
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Timmy claude grok groq kimi manus perplexity Rockachopa
No Assignees Timmy
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Rockachopa/Timmy-time-dashboard#472
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?