aegis-bridge 2.16.0 → 2.17.0

package/dashboard/dist/index.html

@@ -5,7 +5,7 @@
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Aegis Dashboard</title>
     <link rel="icon" type="image/svg+xml" href="data:image/svg+xml,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'><text y='.9em' font-size='90'>🛡️</text></svg>" />
-    <script type="module" crossorigin src="/dashboard/assets/index-Bvpa0M1m.js"></script>
+    <script type="module" crossorigin src="/dashboard/assets/index-iq1EAlmt.js"></script>
     <link rel="stylesheet" crossorigin href="/dashboard/assets/index-DnIfWYzW.css">
   </head>
   <body class="bg-[#0a0a0f] text-gray-200 antialiased">

package/dist/server.js

@@ -1467,11 +1467,16 @@ app.post('/v1/templates', async (req, reply) => {
     if (!finalData.workDir) {
         return reply.status(400).send({ error: 'workDir is required (provide sessionId or explicit workDir)' });
     }
+    // Issue #1125: Validate workDir for path traversal at template creation time
+    const safeWorkDir = await validateWorkDirWithConfig(finalData.workDir);
+    if (typeof safeWorkDir === 'object') {
+        return reply.status(400).send({ error: `Invalid workDir: ${safeWorkDir.error}`, code: safeWorkDir.code });
+    }
     try {
         const template = await templateStore.createTemplate({
             name,
             description,
-            workDir: finalData.workDir,
+            workDir: safeWorkDir,
             prompt: finalData.prompt,
             claudeCommand: finalData.claudeCommand,
             env: finalData.env,

package/dist/ws-terminal.js

@@ -77,14 +77,21 @@ export function registerWsTerminalRoute(app, sessions, tmux, auth) {
             socket.close();
             return;
         }
-        const session = sessions.getSession(sessionId);
-        if (!session) {
-            sendError(socket, 'Session not found');
-            socket.close();
-            return;
-        }
         // Check if already authenticated via Bearer header in preHandler
         const preAuthed = auth.authEnabled && req.headers?.authorization?.startsWith('Bearer ');
+        // #1130: When auth is required but not yet provided, do NOT check session
+        // existence — that would leak whether a session ID is valid to unauthenticated clients.
+        // For pre-authenticated clients (Bearer header) or when auth is disabled, check immediately.
+        let session = null;
+        const deferSessionCheck = auth.authEnabled && !preAuthed;
+        if (!deferSessionCheck) {
+            session = sessions.getSession(sessionId);
+            if (!session) {
+                sendError(socket, 'Session not found');
+                socket.close();
+                return;
+            }
+        }
         // Create subscriber
         const subscriber = {
             lastContent: '',
@@ -104,25 +111,27 @@ export function registerWsTerminalRoute(app, sessions, tmux, auth) {
                 }
             }, AUTH_TIMEOUT_MS);
         }
-        // Get or create shared session poll
-        let poll = sessionPolls.get(sessionId);
-        if (!poll) {
-            poll = {
-                timer: null,
-                tickCount: 0,
-                subscribers: new Map(),
-            };
-            sessionPolls.set(sessionId, poll);
-            // Start the shared poll timer
-            poll.timer = setInterval(async () => {
-                poll.tickCount++;
-                await tickPoll(sessionId, sessions, tmux, poll);
-            }, POLL_INTERVAL_MS);
+        // Get or create shared session poll (only after session is confirmed to exist)
+        if (session) {
+            let poll = sessionPolls.get(sessionId);
+            if (!poll) {
+                poll = {
+                    timer: null,
+                    tickCount: 0,
+                    subscribers: new Map(),
+                };
+                sessionPolls.set(sessionId, poll);
+                // Start the shared poll timer
+                poll.timer = setInterval(async () => {
+                    poll.tickCount++;
+                    await tickPoll(sessionId, sessions, tmux, poll);
+                }, POLL_INTERVAL_MS);
+            }
+            poll.subscribers.set(socket, subscriber);
         }
-        poll.subscribers.set(socket, subscriber);
         // Handle pong responses for keep-alive
         socket.on('pong', () => {
-            const sub = poll?.subscribers.get(socket);
+            const sub = sessionPolls.get(sessionId)?.subscribers.get(socket);
             if (sub)
                 sub.lastPongAt = Date.now();
         });
@@ -176,6 +185,29 @@ export function registerWsTerminalRoute(app, sessions, tmux, auth) {
                         clearTimeout(subscriber.authTimer);
                         subscriber.authTimer = null;
                     }
+                    // #1130: Now that the client is authenticated, check session existence.
+                    // This was deferred to avoid leaking valid session IDs to unauthenticated clients.
+                    const authedSession = sessions.getSession(sessionId);
+                    if (!authedSession) {
+                        sendError(socket, 'Session not found');
+                        evictSubscriber(sessionId, socket, subscriber);
+                        return;
+                    }
+                    // Register subscriber to the session poll now that session is confirmed
+                    let authedPoll = sessionPolls.get(sessionId);
+                    if (!authedPoll) {
+                        authedPoll = {
+                            timer: null,
+                            tickCount: 0,
+                            subscribers: new Map(),
+                        };
+                        sessionPolls.set(sessionId, authedPoll);
+                        authedPoll.timer = setInterval(async () => {
+                            authedPoll.tickCount++;
+                            await tickPoll(sessionId, sessions, tmux, authedPoll);
+                        }, POLL_INTERVAL_MS);
+                    }
+                    authedPoll.subscribers.set(socket, subscriber);
                     send(socket, { type: 'status', status: 'authenticated' });
                     return;
                 }
@@ -189,9 +221,15 @@ export function registerWsTerminalRoute(app, sessions, tmux, auth) {
                     await sessions.sendMessage(sessionId, msg.text);
                 }
                 else if (msg.type === 'resize') {
+                    const resizeSession = sessions.getSession(sessionId);
+                    if (!resizeSession) {
+                        sendError(socket, 'Session no longer exists');
+                        evictSubscriber(sessionId, socket, subscriber);
+                        return;
+                    }
                     const cols = clamp(msg.cols ?? 80, 10, 500, 80);
                     const rows = clamp(msg.rows ?? 24, 5, 200, 24);
-                    await tmux.resizePane(session.windowId, cols, rows);
+                    await tmux.resizePane(resizeSession.windowId, cols, rows);
                 }
             }
             catch (e) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "aegis-bridge",
-  "version": "2.16.0",
+  "version": "2.17.0",
   "type": "module",
   "description": "Orchestrate Claude Code sessions via API. Create, brief, monitor, refine, ship.",
   "main": "dist/server.js",