Skip to content

Harden starter pilot gates#4

Open
CBruney wants to merge 4 commits into
mainfrom
audit-p0-sites-pilot-hardening
Open

Harden starter pilot gates#4
CBruney wants to merge 4 commits into
mainfrom
audit-p0-sites-pilot-hardening

Conversation

@CBruney

@CBruney CBruney commented Jul 4, 2026

Copy link
Copy Markdown
Owner

Summary

  • Fail closed on production auth-provider config and first-owner setup.
  • Add CSRF-style protections for state-changing API routes: Origin, Fetch Metadata, and JSON content-type checks.
  • Make Quick Actions fail closed unless explicitly enabled with a nonempty origin allowlist.
  • Clear private browser/session caches on sign-out or access loss.
  • Keep Google Contacts and Cloudflare lanes explicitly gated until their P1 readiness work is complete.
  • Update docs, schema reference, package metadata posture, dev-preview rendering, and build tooling.

Verification

  • npm run check
  • git diff --check
  • GitHub PR checks pass.
  • Live Sites env revision 3 was deployed on current saved version 37.
  • Live /api/session signed-out request returns 401.
  • Live /api/session with caller-supplied oai-authenticated-user-email: spoofed@example.test also returns 401, confirming the supplied identity header is not accepted.

Notes

  • No repo settings were changed.
  • Google Contacts remains disabled in live Sites env and gated in docs.
  • v0.1.0 was not changed, retagged, or recreated.
  • The live deployment was an env/config application of the current saved Sites version, not a deployment of this PR branch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant