@blamejs/core 0.8.13 → 0.8.16

package/lib/dark-patterns.js

@@ -0,0 +1,357 @@
+"use strict";
+/**
+ * FTC Dark-Patterns / Click-to-Cancel UX-parity attestation.
+ *
+ * The FTC's Negative Option Rule (effective 2024; expanded 2025-2026
+ * via state click-to-cancel laws) requires that the steps to cancel a
+ * subscription / withdraw consent be no more burdensome than the
+ * steps to subscribe / grant consent. The standard breakdown:
+ *
+ *   - prominence parity        — same call-to-action visibility
+ *   - click-count parity       — cancel <= signup
+ *   - contrast / font parity   — accessible-text contrast and font
+ *                                weight match
+ *   - method parity            — operator that signed up over the web
+ *                                must let the subject cancel over the
+ *                                web (not phone-only)
+ *   - confirmation parity      — single-confirmation if signup was
+ *                                single-confirmation
+ *
+ * The framework can't measure pixel-level UI parity from server code.
+ * What it CAN do is provide a primitive that:
+ *
+ *   1. Records an operator-attested signup-flow snapshot (clicks,
+ *      visible call-to-action text, font weight, contrast ratio).
+ *   2. Records an attested cancel-flow snapshot.
+ *   3. Computes the parity verdict and emits an audit trail.
+ *   4. Refuses to emit a "consent-withdrawn" event in postures that
+ *      require parity if the snapshots show degradation.
+ *
+ * Public API:
+ *
+ *   darkPatterns.recordSignupFlow(opts) -> snapshot
+ *   darkPatterns.recordCancelFlow(opts) -> snapshot
+ *     opts: {
+ *       channel:     "web" | "mobile" | "phone" | "email" | "in-person",
+ *       clickCount:  integer 1..50,
+ *       cta:         { text, fontWeight, contrastRatio },
+ *       confirmations: integer 0..10,
+ *       requiresLogin: bool,
+ *       resourceId:  operator-supplied id linking signup<->cancel,
+ *     }
+ *
+ *   darkPatterns.assertParity(signup, cancel, opts) -> { ok, breaches }
+ *     opts:
+ *       toleranceClicks      — how many extra cancel clicks tolerated
+ *                              (default 0).
+ *       toleranceContrast    — minimum contrast ratio absolute value
+ *                              required of cancel (default 4.5 — AA).
+ *       posture              — "ftc-2024" | "ca-sb942" | "strict".
+ *       errorClass           — DarkPatternsError (mapped to McpError
+ *                              namespace? no — uses a dedicated class).
+ *
+ *   darkPatterns.attest(opts) -> { id, signupFlow, cancelFlow, verdict, signedAt }
+ *     One-shot composer used by operators that capture both flows
+ *     during a regression test of their UI.
+ *
+ *   darkPatterns.middleware(opts) -> middleware(req, res, next)
+ *     Attached to the cancel-flow endpoint. Verifies the operator has
+ *     a parity attestation on file (via opts.lookupAttestation) and
+ *     refuses with 451 (legal reasons) if missing.
+ */
+
+var audit = require("./audit");
+var { defineClass } = require("./framework-error");
+
+var STR_LEN_MAX     = 256;                                                                  // allow:raw-byte-literal — string-length cap, not bytes
+var FONT_WEIGHT_MAX = 1000;                                                                 // allow:raw-byte-literal — CSS font-weight ceiling (CSS Fonts L4)
+var DarkPatternsError = defineClass("DarkPatternsError", { alwaysPermanent: true });
+
+var CHANNELS = ["web", "mobile", "phone", "email", "in-person", "mail"];
+
+var POSTURES = {
+  // FTC Negative Option Rule baseline — clicks must not exceed signup;
+  // cancel must use the same channel; contrast/font weight must not
+  // degrade.
+  "ftc-2024": {
+    toleranceClicks:    0,
+    requireSameChannel: true,
+    toleranceContrast:  4.5,
+    requireSameFont:    true,
+  },
+  // California SB-942 / AB-2863 — stricter; cancel UI must use same
+  // medium AND require <= signup confirmations.
+  "ca-sb942": {
+    toleranceClicks:    0,
+    requireSameChannel: true,
+    toleranceContrast:  4.5,
+    requireSameFont:    true,
+    requireSameConfirmations: true,
+  },
+  "strict": {
+    toleranceClicks:    0,
+    requireSameChannel: true,
+    toleranceContrast:  7.0,
+    requireSameFont:    true,
+    requireSameConfirmations: true,
+  },
+};
+
+function _validateFlowOpts(opts, label, errorClass) {
+  if (!opts || typeof opts !== "object") {
+    throw errorClass.factory("BAD_OPTS",
+      "darkPatterns.record" + label + ": opts required");
+  }
+  if (CHANNELS.indexOf(opts.channel) === -1) {
+    throw errorClass.factory("BAD_CHANNEL",
+      "darkPatterns: channel must be one of " + CHANNELS.join(","));
+  }
+  if (typeof opts.clickCount !== "number" || !isFinite(opts.clickCount) ||
+      opts.clickCount < 1 || opts.clickCount > 50 ||
+      Math.floor(opts.clickCount) !== opts.clickCount) {
+    throw errorClass.factory("BAD_CLICKS",
+      "darkPatterns: clickCount must be integer 1..50");
+  }
+  if (!opts.cta || typeof opts.cta !== "object") {
+    throw errorClass.factory("BAD_CTA",
+      "darkPatterns: cta object required (text, fontWeight, contrastRatio)");
+  }
+  if (typeof opts.cta.text !== "string" || opts.cta.text.length === 0 ||
+      opts.cta.text.length > STR_LEN_MAX) {
+    throw errorClass.factory("BAD_CTA_TEXT",
+      "darkPatterns: cta.text must be 1-256 char string");
+  }
+  if (typeof opts.cta.fontWeight !== "number" || opts.cta.fontWeight < 100 ||
+      opts.cta.fontWeight > FONT_WEIGHT_MAX) {
+    throw errorClass.factory("BAD_FONT_WEIGHT",
+      "darkPatterns: cta.fontWeight must be 100..1000");
+  }
+  if (typeof opts.cta.contrastRatio !== "number" ||
+      opts.cta.contrastRatio < 1 || opts.cta.contrastRatio > 21) {
+    throw errorClass.factory("BAD_CONTRAST",
+      "darkPatterns: cta.contrastRatio must be 1..21");
+  }
+  if (typeof opts.confirmations !== "number" ||
+      opts.confirmations < 0 || opts.confirmations > 10 ||
+      Math.floor(opts.confirmations) !== opts.confirmations) {
+    throw errorClass.factory("BAD_CONFIRMATIONS",
+      "darkPatterns: confirmations must be integer 0..10");
+  }
+  if (typeof opts.resourceId !== "string" || opts.resourceId.length === 0 ||
+      opts.resourceId.length > STR_LEN_MAX) {
+    throw errorClass.factory("BAD_RESOURCE_ID",
+      "darkPatterns: resourceId must be 1-256 char string");
+  }
+}
+
+function recordSignupFlow(opts) {
+  _validateFlowOpts(opts, "SignupFlow", DarkPatternsError);
+  return Object.freeze({
+    kind:          "signup",
+    channel:       opts.channel,
+    clickCount:    opts.clickCount,
+    cta: Object.freeze({
+      text:          opts.cta.text,
+      fontWeight:    opts.cta.fontWeight,
+      contrastRatio: opts.cta.contrastRatio,
+    }),
+    confirmations: opts.confirmations,
+    requiresLogin: opts.requiresLogin === true,
+    resourceId:    opts.resourceId,
+    recordedAt:    Date.now(),
+  });
+}
+
+function recordCancelFlow(opts) {
+  _validateFlowOpts(opts, "CancelFlow", DarkPatternsError);
+  return Object.freeze({
+    kind:          "cancel",
+    channel:       opts.channel,
+    clickCount:    opts.clickCount,
+    cta: Object.freeze({
+      text:          opts.cta.text,
+      fontWeight:    opts.cta.fontWeight,
+      contrastRatio: opts.cta.contrastRatio,
+    }),
+    confirmations: opts.confirmations,
+    requiresLogin: opts.requiresLogin === true,
+    resourceId:    opts.resourceId,
+    recordedAt:    Date.now(),
+  });
+}
+
+function assertParity(signup, cancel, opts) {
+  opts = opts || {};
+  var errorClass = opts.errorClass || DarkPatternsError;
+  if (!signup || signup.kind !== "signup") {
+    throw errorClass.factory("BAD_SIGNUP_FLOW",
+      "darkPatterns.assertParity: signup must be a recorded signup flow");
+  }
+  if (!cancel || cancel.kind !== "cancel") {
+    throw errorClass.factory("BAD_CANCEL_FLOW",
+      "darkPatterns.assertParity: cancel must be a recorded cancel flow");
+  }
+  if (signup.resourceId !== cancel.resourceId) {
+    throw errorClass.factory("RESOURCE_MISMATCH",
+      "darkPatterns.assertParity: resourceId differs between flows");
+  }
+  var postureName = opts.posture || "ftc-2024";
+  var posture = POSTURES[postureName];
+  if (!posture) {
+    throw errorClass.factory("BAD_POSTURE",
+      "darkPatterns.assertParity: unknown posture " + postureName);
+  }
+
+  var toleranceClicks   = typeof opts.toleranceClicks === "number"
+    ? opts.toleranceClicks : posture.toleranceClicks;
+  var toleranceContrast = typeof opts.toleranceContrast === "number"
+    ? opts.toleranceContrast : posture.toleranceContrast;
+
+  var breaches = [];
+
+  if (cancel.clickCount > signup.clickCount + toleranceClicks) {
+    breaches.push({
+      kind:     "click-count",
+      detail:   "cancel " + cancel.clickCount + " > signup " + signup.clickCount +
+                " + tolerance " + toleranceClicks,
+    });
+  }
+  if (posture.requireSameChannel && cancel.channel !== signup.channel) {
+    breaches.push({
+      kind:   "channel-mismatch",
+      detail: "signup=" + signup.channel + " cancel=" + cancel.channel,
+    });
+  }
+  if (cancel.cta.contrastRatio < toleranceContrast) {
+    breaches.push({
+      kind:   "contrast-below-floor",
+      detail: "cancel contrast " + cancel.cta.contrastRatio +
+              " < required " + toleranceContrast,
+    });
+  }
+  if (cancel.cta.contrastRatio < signup.cta.contrastRatio - 0.5) {
+    breaches.push({
+      kind:   "contrast-degradation",
+      detail: "cancel " + cancel.cta.contrastRatio +
+              " < signup " + signup.cta.contrastRatio + " - 0.5",
+    });
+  }
+  if (posture.requireSameFont && cancel.cta.fontWeight < signup.cta.fontWeight) {
+    breaches.push({
+      kind:   "font-weight-degradation",
+      detail: "cancel " + cancel.cta.fontWeight +
+              " < signup " + signup.cta.fontWeight,
+    });
+  }
+  if (posture.requireSameConfirmations &&
+      cancel.confirmations > signup.confirmations) {
+    breaches.push({
+      kind:   "confirmation-step-added",
+      detail: "cancel " + cancel.confirmations +
+              " > signup " + signup.confirmations,
+    });
+  }
+  if (cancel.requiresLogin && !signup.requiresLogin) {
+    breaches.push({
+      kind:   "login-required-only-for-cancel",
+      detail: "signup did not require login; cancel does",
+    });
+  }
+
+  return { ok: breaches.length === 0, breaches: breaches, posture: postureName };
+}
+
+function attest(opts) {
+  opts = opts || {};
+  var errorClass = opts.errorClass || DarkPatternsError;
+  var signup = recordSignupFlow(opts.signup || {});
+  var cancel = recordCancelFlow(opts.cancel || {});
+  var verdict = assertParity(signup, cancel, {
+    errorClass: errorClass,
+    posture:    opts.posture,
+  });
+  var auditOn = opts.audit !== false;
+  if (auditOn) {
+    audit.safeEmit({
+      action:   "darkpatterns.attest",
+      outcome:  verdict.ok ? "success" : "denied",
+      reason:   verdict.ok ? null : "parity-breach",
+      metadata: {
+        resourceId: signup.resourceId,
+        posture:    verdict.posture,
+        breaches:   verdict.breaches.map(function (b) { return b.kind; }),
+      },
+    });
+  }
+  return {
+    id:         signup.resourceId,
+    signupFlow: signup,
+    cancelFlow: cancel,
+    verdict:    verdict,
+    signedAt:   Date.now(),
+  };
+}
+
+function middleware(opts) {
+  opts = opts || {};
+  var errorClass = opts.errorClass || DarkPatternsError;
+  if (typeof opts.lookupAttestation !== "function") {
+    throw errorClass.factory("BAD_OPTS",
+      "darkPatterns.middleware: lookupAttestation function required");
+  }
+  if (typeof opts.resourceIdFromReq !== "function") {
+    throw errorClass.factory("BAD_OPTS",
+      "darkPatterns.middleware: resourceIdFromReq function required");
+  }
+
+  return function darkPatternsMw(req, res, next) {
+    Promise.resolve().then(function () {
+      var resourceId;
+      try { resourceId = opts.resourceIdFromReq(req); }
+      catch (e) {
+        return _refuse(res, "darkPatterns: resourceIdFromReq threw: " + e.message);
+      }
+      if (typeof resourceId !== "string" || resourceId.length === 0) {
+        return _refuse(res, "darkPatterns: missing resourceId");
+      }
+      return Promise.resolve(opts.lookupAttestation(resourceId)).then(function (att) {
+        if (!att || !att.verdict || !att.verdict.ok) {
+          audit.safeEmit({
+            action:   "darkpatterns.cancel_blocked",
+            outcome:  "denied",
+            reason:   att && att.verdict ? "parity-breach" : "no-attestation",
+            metadata: { resourceId: resourceId, breaches: att && att.verdict ? att.verdict.breaches.map(function (b) { return b.kind; }) : [] },
+          });
+          if (typeof res.setHeader === "function") {
+            res.setHeader("Content-Type", "application/json");
+          }
+          res.statusCode = 451;
+          res.end(JSON.stringify({
+            error: "cancel-flow-not-attested",
+            detail: att && att.verdict ? att.verdict.breaches : "no attestation on file",
+          }));
+          return;
+        }
+        if (typeof next === "function") next();
+      });
+    }).catch(function (e) {
+      _refuse(res, "darkPatterns middleware error: " + (e && e.message));
+    });
+    function _refuse(r, msg) {
+      if (typeof r.setHeader === "function") r.setHeader("Content-Type", "application/json");
+      r.statusCode = 500;
+      r.end(JSON.stringify({ error: msg }));
+    }
+  };
+}
+
+module.exports = {
+  recordSignupFlow:  recordSignupFlow,
+  recordCancelFlow:  recordCancelFlow,
+  assertParity:      assertParity,
+  attest:            attest,
+  middleware:        middleware,
+  POSTURES:          Object.keys(POSTURES),
+  CHANNELS:          CHANNELS.slice(),
+  DarkPatternsError: DarkPatternsError,
+};

package/lib/framework-error.js

@@ -378,6 +378,35 @@ var SmtpPolicyError       = defineClass("SmtpPolicyError",       { alwaysPermane
 // record shape, fetch failures, missing keys, alignment issues.
 // Permanent — DNS-config / message-shape errors, not transient.
 var MailAuthError         = defineClass("MailAuthError",         { alwaysPermanent: true });
+// SseError covers Server-Sent Events stream-shape violations: newline
+// or CR or NUL injection in event:/id:/data: fields (CVE-2026-33128
+// h3, CVE-2026-29085 Hono, CVE-2026-44217 sse-channel — newline in
+// any of the three fields enables event-spoofing, data-injection, or
+// Last-Event-ID reconnect corruption), control-char injection in
+// retry: numeric, oversized field caps, attempts to write after
+// stream close. Permanent — these are caller-shape errors.
+var SseError              = defineClass("SseError",              { alwaysPermanent: true });
+// McpError covers Model Context Protocol server-side violations:
+// unauthenticated tool/resource invocations (CVE-2026-33032 nginx-ui
+// auth-bypass class), confused-deputy via static client IDs +
+// dynamic client registration (CVE-2025-6514 mcp-remote OAuth RCE
+// class), consent-cookie leakage, malformed Authorization header,
+// tool/resource name path traversal. Permanent — protocol-shape
+// errors.
+var McpError              = defineClass("McpError",              { alwaysPermanent: true });
+// AiInputError covers prompt-injection classifier violations: malformed
+// input shape, classifier-result-shape errors, oversized input bypass.
+// Permanent — caller-shape errors.
+var AiInputError          = defineClass("AiInputError",          { alwaysPermanent: true });
+// A2aError covers A2A (Agent-to-Agent) protocol violations: signed-
+// agent-card signature mismatch, expired card, unknown card id,
+// malformed card shape, signature-algorithm allowlist drift.
+// Permanent.
+var A2aError              = defineClass("A2aError",              { alwaysPermanent: true });
+// GraphqlFederationError covers _service.sdl trust-boundary violations:
+// missing or malformed router-token, replay (nonce already seen),
+// unauthorized SDL probe. Permanent.
+var GraphqlFederationError = defineClass("GraphqlFederationError", { alwaysPermanent: true });
 
 module.exports = {
   FrameworkError:         FrameworkError,
@@ -438,4 +467,9 @@ module.exports = {
   ComplianceError:        ComplianceError,
   SmtpPolicyError:        SmtpPolicyError,
   MailAuthError:          MailAuthError,
+  SseError:               SseError,
+  McpError:               McpError,
+  AiInputError:           AiInputError,
+  A2aError:               A2aError,
+  GraphqlFederationError: GraphqlFederationError,
 };

package/lib/graphql-federation.js

@@ -0,0 +1,176 @@
+"use strict";
+/**
+ * GraphQL Federation _service.sdl trust-boundary guard.
+ *
+ * Apollo Federation subgraphs expose the schema via _service.sdl
+ * which is independent of the introspection toggle — operators who
+ * disable introspection in production still leak the full SDL.
+ *
+ * Public API:
+ *   graphqlFederation.guardSdl(opts) -> middleware
+ *   graphqlFederation.queryProbesSdl(query) -> bool
+ */
+
+var crypto = require("crypto");
+var C = require("./constants");
+var nb = require("./numeric-bounds");
+var safeJson = require("./safe-json");
+var safeBuffer = require("./safe-buffer");
+var requestHelpers = require("./request-helpers");
+var audit = require("./audit");
+var { GraphqlFederationError } = require("./framework-error");
+
+var SDL_PROBE_MAX = C.BYTES.kib(64);
+var ROUTER_TOKEN_MIN_LEN = 32;                                                              // allow:raw-byte-literal — string-length floor for token entropy, not bytes
+var NONCE_MIN_LEN = 16;                                                                     // allow:raw-byte-literal — string-length floor for nonce entropy, not bytes
+var NONCE_MAX_LEN = 256;                                                                    // allow:raw-byte-literal — string-length cap, not bytes
+var NONCE_PREVIEW_LEN = 8;                                                                  // allow:raw-byte-literal — log-preview slice length, not bytes
+var SDL_PROBE_RE = /(^|[\s,{])_service\b|_entities\b/;
+
+function queryProbesSdl(query) {
+  if (typeof query !== "string") return false;
+  if (query.length > SDL_PROBE_MAX) return false;                                        // length-bound before regex test
+  return SDL_PROBE_RE.test(query);
+}
+
+function _readBearer(req) {
+  var h = req.headers && req.headers.authorization;
+  if (typeof h !== "string") return null;
+  if (h.length > C.BYTES.kib(8)) return null;
+  var m = /^Bearer\s+([A-Za-z0-9._~+/=-]+)$/.exec(h.trim());
+  return m ? m[1] : null;
+}
+
+function _timingSafeEqual(a, b) {
+  if (typeof a !== "string" || typeof b !== "string") return false;
+  var ab = Buffer.from(a, "utf8");
+  var bb = Buffer.from(b, "utf8");
+  if (ab.length !== bb.length) return false;
+  return crypto.timingSafeEqual(ab, bb);
+}
+
+function _readBody(req, errorClass) {
+  if (req.body !== undefined && req.body !== null) {
+    return Promise.resolve(req.body);
+  }
+  var cap = C.BYTES.mib(1);
+  return new Promise(function (resolve, reject) {
+    var collector = safeBuffer.boundedChunkCollector({ maxBytes: cap });
+    req.on("data", function (chunk) {
+      try { collector.push(chunk); }
+      catch (_e) {
+        req.destroy();
+        reject(errorClass.factory("BODY_TOO_LARGE",
+          "graphqlFederation: body exceeds " + cap + " bytes"));
+      }
+    });
+    req.on("end",  function () { resolve(collector.result().toString("utf8")); });
+    req.on("error", reject);
+  });
+}
+
+function guardSdl(opts) {
+  opts = opts || {};
+  var errorClass = opts.errorClass || GraphqlFederationError;
+  var publicSchemaOk = opts.publicSchemaOk === true;
+  var routerToken = typeof opts.routerToken === "string" ? opts.routerToken : null;
+  if (!publicSchemaOk && (!routerToken || routerToken.length < ROUTER_TOKEN_MIN_LEN)) {
+    throw errorClass.factory("BAD_OPTS",
+      "graphqlFederation.guardSdl: routerToken (32+ char) required unless publicSchemaOk=true");
+  }
+  var nonceStore = opts.nonceStore && typeof opts.nonceStore.has === "function" &&
+                   typeof opts.nonceStore.remember === "function" ? opts.nonceStore : null;
+  nb.requirePositiveFiniteIntIfPresent(opts.nonceTtlMs, "graphqlFederation.guardSdl: opts.nonceTtlMs", errorClass, "BAD_TTL");
+  var nonceTtlMs = opts.nonceTtlMs || C.TIME.minutes(5);
+  var auditOn = opts.audit !== false;
+
+  function _emitDenied(req, reason, metadata) {
+    if (!auditOn) return;
+    audit.safeEmit({
+      action:   "graphqlfederation.sdl_refused",
+      outcome:  "denied",
+      reason:   reason,
+      metadata: Object.assign({
+        ip:   requestHelpers.clientIp(req),
+        path: req && req.url,
+      }, metadata || {}),
+    });
+  }
+
+  function _refuse(res, status, message) {
+    if (typeof res.setHeader === "function") {
+      res.setHeader("Content-Type", "application/json");
+    }
+    res.statusCode = status;
+    res.end(JSON.stringify({ errors: [{ message: message }] }));
+  }
+
+  return function graphqlFedGuard(req, res, next) {
+    Promise.resolve().then(function () {
+      return _readBody(req, errorClass).then(function (rawBody) {
+        var query = null;
+        try {
+          var parsed = typeof rawBody === "string" ? safeJson.parse(rawBody, { maxBytes: C.BYTES.mib(1) }) : rawBody;             // allow:JSON.parse — routed via safeJson.parse
+          query = parsed && typeof parsed === "object" ? parsed.query : null;
+        } catch (_e) { /* not JSON; pass through */ }
+        if (req.body === undefined) req.body = rawBody;
+
+        if (!queryProbesSdl(query)) {
+          if (typeof next === "function") next();
+          return;
+        }
+
+        if (publicSchemaOk) {
+          if (typeof next === "function") next();
+          return;
+        }
+
+        var bearer = _readBearer(req);
+        if (!bearer || !_timingSafeEqual(bearer, routerToken)) {
+          _emitDenied(req, "missing or bad router-token", {});
+          return _refuse(res, 401, "graphql federation: router token required for _service / _entities");
+        }
+
+        if (nonceStore) {
+          var nonce = req.headers && req.headers["x-apollographql-router-nonce"];
+          if (typeof nonce !== "string" || nonce.length < NONCE_MIN_LEN || nonce.length > NONCE_MAX_LEN) {
+            _emitDenied(req, "missing nonce", {});
+            return _refuse(res, 401, "graphql federation: nonce required");
+          }
+          return Promise.resolve(nonceStore.has(nonce)).then(function (seen) {
+            if (seen) {
+              _emitDenied(req, "nonce replay", { nonce: nonce.slice(0, NONCE_PREVIEW_LEN) + "..." });
+              return _refuse(res, 401, "graphql federation: nonce replay");
+            }
+            return Promise.resolve(nonceStore.remember(nonce, nonceTtlMs)).then(function () {
+              if (auditOn) {
+                audit.safeEmit({
+                  action:   "graphqlfederation.sdl_allowed",
+                  outcome:  "success",
+                  metadata: {},
+                });
+              }
+              if (typeof next === "function") next();
+            });
+          });
+        }
+        if (auditOn) {
+          audit.safeEmit({
+            action:   "graphqlfederation.sdl_allowed",
+            outcome:  "success",
+            metadata: {},
+          });
+        }
+        if (typeof next === "function") next();
+      });
+    }).catch(function (err) {
+      _emitDenied(req, "guard error: " + (err && err.message), {});
+      if (!res.writableEnded) _refuse(res, 500, "internal guard error");
+    });
+  };
+}
+
+module.exports = {
+  guardSdl:        guardSdl,
+  queryProbesSdl:  queryProbesSdl,
+};

package/lib/http-client.js

@@ -376,6 +376,7 @@ function _toH2Headers(method, u, headers) {
   h2Headers[":path"]      = u.pathname + (u.search || "");
   h2Headers[":scheme"]    = u.protocol === "https:" ? "https" : "http";
   h2Headers[":authority"] = u.host;
+  var sawAcceptEncoding = false;
   for (var k in headers) {
     if (!Object.prototype.hasOwnProperty.call(headers, k)) continue;
     var lk = k.toLowerCase();
@@ -383,8 +384,12 @@ function _toH2Headers(method, u, headers) {
     if (lk === "connection" || lk === "host" ||
         lk === "keep-alive" || lk === "transfer-encoding" ||
         lk === "upgrade" || lk === "proxy-connection") continue;
+    if (lk === "accept-encoding") sawAcceptEncoding = true;
     h2Headers[lk] = headers[k];
   }
+  // CVE-2026-22036 mitigation — same identity default as the h1 path.
+  // Refuse compressed responses unless the operator explicitly opts in.
+  if (!sawAcceptEncoding) h2Headers["accept-encoding"] = "identity";
   return h2Headers;
 }
 
@@ -1020,6 +1025,17 @@ function _requestH1(transport, u, opts) {
     if (Buffer.isBuffer(opts.body)) {
       headers["Content-Length"] = opts.body.length;
     }
+    // CVE-2026-22036 mitigation — refuse compressed responses by
+    // default. The framework's http-client returns raw bytes capped
+    // at maxResponseBytes; if a server sends gzip/br/zstd the cap is
+    // on-wire bytes only, and any operator-side decompression is the
+    // operator's responsibility to bound. Identity by default closes
+    // the decompression-bomb amplification class. Operators who DO
+    // want compressed responses opt in by passing an explicit
+    // Accept-Encoding header (lowercase or canonical form).
+    if (!headers["Accept-Encoding"] && !headers["accept-encoding"]) {
+      headers["Accept-Encoding"] = "identity";
+    }
 
     var reqOpts = {
       method:   method,