javascript-solid-server 0.0.51 → 0.0.52

package/SECURITY-AUDIT-2026-01-15.md

@@ -0,0 +1,514 @@
+# JSS Deep Security Audit Report
+
+**Date:** 2026-01-15  
+**Auditor:** Comprehensive Security Review  
+**Version Audited:** 0.0.51  
+**Previous Audit:** 2026-01-03 (v0.0.48)
+
+---
+
+## Executive Summary
+
+A comprehensive security audit of JavaScriptSolidServer (v0.0.51) revealed **1 critical**, **3 high**, **5 medium**, and **4 low** severity vulnerabilities. While previous critical issues (ACL bypass, JWT signature verification, SSRF) have been fixed, new vulnerabilities were discovered in path traversal protection, input validation, and denial-of-service resistance.
+
+**Overall Security Posture:** 🟡 **Moderate Risk** - Critical path traversal vulnerability requires immediate attention.
+
+---
+
+## Critical Vulnerabilities
+
+### 1. Path Traversal Vulnerability in `urlToPath` (CRITICAL) ⚠️
+
+**Location:** `src/utils/url.js:23-32`
+
+**Description:** The path traversal protection in `urlToPath()` and `urlToPathWithPod()` is insufficient and can be bypassed using multiple techniques.
+
+**Vulnerable Code:**
+
+```javascript
+export function urlToPath(urlPath) {
+  let normalized = urlPath.startsWith('/') ? urlPath.slice(1) : urlPath
+  normalized = decodeURIComponent(normalized)
+
+  // Security: prevent path traversal
+  normalized = normalized.replace(/\.\./g, '') // ❌ INSUFFICIENT
+
+  return path.join(getDataRoot(), normalized)
+}
+```
+
+**Attack Vectors:**
+
+1. **Double-dot bypass:** `....//` → after replacement becomes `../`
+2. **URL encoding bypass:** `%2e%2e%2f` → decodes to `../` after replacement
+3. **Mixed encoding:** `%2e.` → decodes to `..` after replacement
+4. **Path separator injection:** `path.join()` doesn't prevent traversal if normalized still contains `/` or `\`
+
+**Proof of Concept:**
+
+```bash
+# Bypass 1: Double-dot
+GET /alice/....//etc/passwd
+
+# Bypass 2: URL encoding
+GET /alice/%2e%2e%2f%2e%2e%2fetc%2fpasswd
+
+# Bypass 3: Mixed
+GET /alice/%2e./%2e./etc/passwd
+
+# Bypass 4: Windows path separator
+GET /alice/..\..\etc\passwd
+```
+
+**Impact:**
+
+- Read arbitrary files outside DATA_ROOT
+- Write arbitrary files (if write permission exists)
+- Access other pods' data in multi-user mode
+- Potential remote code execution if sensitive config files are overwritten
+
+**CVSS Score:** 9.1 (Critical)
+
+**Fix Required:**
+
+```javascript
+export function urlToPath(urlPath) {
+  let normalized = urlPath.startsWith('/') ? urlPath.slice(1) : urlPath
+  normalized = decodeURIComponent(normalized)
+
+  // Remove all path traversal attempts (multiple passes)
+  normalized = normalized.replace(/\.\./g, '')
+  normalized = normalized.replace(/\.\./g, '') // Second pass for ....//
+
+  // Resolve to absolute path and check it's within DATA_ROOT
+  const resolved = path.resolve(getDataRoot(), normalized)
+  const dataRoot = path.resolve(getDataRoot())
+
+  if (!resolved.startsWith(dataRoot + path.sep) && resolved !== dataRoot) {
+    throw new Error('Path traversal detected')
+  }
+
+  return resolved
+}
+```
+
+---
+
+## High Severity Vulnerabilities
+
+### 2. JSON.parse DoS via Malicious Input (HIGH)
+
+**Location:** Multiple files (17 instances found)
+
+**Description:** `JSON.parse()` is called on user-controlled input without size limits or try-catch in several locations, allowing denial-of-service attacks via:
+
+- Deeply nested JSON structures
+- Large JSON payloads
+- Malformed JSON causing parser hangs
+
+**Vulnerable Locations:**
+
+- `src/handlers/resource.js:89, 271, 294, 653, 670` - HTML data island extraction
+- `src/auth/nostr.js:87` - Nostr event decoding
+- `src/idp/interactions.js:62, 75, 321` - Form body parsing
+- `src/rdf/conneg.js:140` - Content negotiation
+- `src/wac/parser.js:40` - ACL parsing
+
+**Impact:**
+
+- Server resource exhaustion (CPU, memory)
+- Request timeouts
+- Potential service unavailability
+
+**CVSS Score:** 7.5 (High)
+
+**Fix Required:** Add size limits and proper error handling:
+
+```javascript
+// Example fix for resource.js
+try {
+  const maxSize = 10 * 1024 * 1024 // 10MB limit
+  if (jsonLdMatch[1].length > maxSize) {
+    throw new Error('JSON-LD data island too large')
+  }
+  const jsonLd = JSON.parse(jsonLdMatch[1])
+} catch (e) {
+  if (e instanceof SyntaxError) {
+    return reply.code(400).send({ error: 'Invalid JSON-LD' })
+  }
+  throw e
+}
+```
+
+---
+
+### 3. SPARQL Update Injection Risk (HIGH)
+
+**Location:** `src/patch/sparql-update.js:22-85`
+
+**Description:** The SPARQL Update parser uses regex-based parsing with fallback to simple pattern matching. This can be exploited to:
+
+- Inject malicious SPARQL constructs
+- Bypass intended DELETE/INSERT operations
+- Cause parser errors leading to information disclosure
+
+**Vulnerable Code:**
+
+```javascript
+// Regex-based parsing without proper validation
+const insertDataMatch = query.match(/INSERT\s+DATA\s*\{([^}]+)\}/is)
+const deleteDataMatch = query.match(/DELETE\s+DATA\s*\{([^}]+)\}/is)
+```
+
+**Attack Vector:**
+
+```sparql
+INSERT DATA {
+  <#malicious> <predicate> "value" .
+} INSERT DATA {
+  <#legitimate> <predicate> "value" .
+}
+```
+
+**Impact:**
+
+- Unauthorized data modification
+- Data corruption
+- ACL bypass through unexpected triple insertions
+
+**CVSS Score:** 8.1 (High)
+
+**Fix Required:** Use proper SPARQL parser library or implement strict validation.
+
+---
+
+### 4. WebSocket DoS via Subscription Spam (HIGH)
+
+**Location:** `src/notifications/websocket.js:34-53`
+
+**Description:** WebSocket connections can subscribe to unlimited URLs without rate limiting, allowing:
+
+- Memory exhaustion via subscription spam
+- CPU exhaustion via broadcast storms
+- Resource exhaustion attacks
+
+**Vulnerable Code:**
+
+```javascript
+socket.on('message', message => {
+  const msg = message.toString().trim()
+  if (msg.startsWith('sub ')) {
+    const url = msg.slice(4).trim()
+    if (url) {
+      subscribe(socket, url) // ❌ No limits
+      socket.send(`ack ${url}`)
+    }
+  }
+})
+```
+
+**Impact:**
+
+- Server memory exhaustion
+- CPU exhaustion during broadcasts
+- Service unavailability
+
+**CVSS Score:** 7.5 (High)
+
+**Fix Required:** Implement per-connection subscription limits:
+
+```javascript
+const MAX_SUBSCRIPTIONS_PER_CONNECTION = 100
+const socketSubs = subscriptions.get(socket)
+if (socketSubs && socketSubs.size >= MAX_SUBSCRIPTIONS_PER_CONNECTION) {
+  socket.send('error: Subscription limit exceeded')
+  return
+}
+```
+
+---
+
+## Medium Severity Vulnerabilities
+
+### 5. Insufficient Rate Limiting Coverage (MEDIUM)
+
+**Location:** `src/server.js:131-143`
+
+**Description:** Rate limiting is configured but not applied to all sensitive endpoints:
+
+- PATCH operations (can be expensive)
+- DELETE operations (destructive)
+- WebSocket connections (no rate limit)
+- OIDC token endpoint (credential stuffing)
+
+**Impact:**
+
+- Brute force attacks on authentication
+- Resource exhaustion via rapid requests
+- DoS via expensive operations
+
+**CVSS Score:** 5.3 (Medium)
+
+**Fix Required:** Apply rate limiting to all write operations and authentication endpoints.
+
+---
+
+### 6. Information Disclosure via Error Messages (MEDIUM)
+
+**Location:** Multiple handlers
+
+**Description:** Error messages may reveal:
+
+- Internal file paths
+- Stack traces in development mode
+- Database structure hints
+- System architecture details
+
+**Examples:**
+
+- `src/handlers/resource.js:502` - Turtle parsing errors expose internal paths
+- `src/patch/sparql-update.js:696` - SPARQL errors reveal query structure
+
+**Impact:**
+
+- Information useful for further attacks
+- System fingerprinting
+- Path enumeration
+
+**CVSS Score:** 4.3 (Medium)
+
+**Fix Required:** Sanitize error messages in production:
+
+```javascript
+if (process.env.NODE_ENV === 'production') {
+  return reply.code(400).send({ error: 'Invalid request' })
+} else {
+  return reply
+    .code(400)
+    .send({ error: 'Invalid request', details: err.message })
+}
+```
+
+---
+
+### 7. Missing Input Validation on Slug Header (MEDIUM)
+
+**Location:** `src/handlers/container.js:55, 62`
+
+**Description:** The `Slug` header in POST requests is sanitized but not fully validated:
+
+- No length limit
+- No character set validation beyond path traversal
+- Can create files with problematic names
+
+**Vulnerable Code:**
+
+```javascript
+const slug = request.headers.slug
+const filename = await storage.generateUniqueFilename(
+  storagePath,
+  slug,
+  isCreatingContainer
+)
+```
+
+**Impact:**
+
+- Filesystem issues with special characters
+- Potential path confusion attacks
+- Unicode normalization issues
+
+**CVSS Score:** 4.9 (Medium)
+
+**Fix Required:** Add strict validation:
+
+```javascript
+if (slug && slug.length > 255) {
+  return reply.code(400).send({ error: 'Slug too long' })
+}
+if (slug && !/^[a-zA-Z0-9._-]+$/.test(slug)) {
+  return reply.code(400).send({ error: 'Invalid slug format' })
+}
+```
+
+---
+
+### 8. RDF Parsing DoS via Billion Laughs Attack (MEDIUM)
+
+**Location:** `src/rdf/turtle.js:32-56`, `src/rdf/conneg.js`
+
+**Description:** Turtle/N3 parsing doesn't limit:
+
+- Quad count
+- Prefix expansion depth
+- Recursive entity references
+
+**Impact:**
+
+- Memory exhaustion via large RDF documents
+- CPU exhaustion via complex parsing
+- Service unavailability
+
+**CVSS Score:** 5.3 (Medium)
+
+**Fix Required:** Add parsing limits:
+
+```javascript
+const MAX_QUADS = 100000
+const MAX_PREFIXES = 1000
+// Enforce limits during parsing
+```
+
+---
+
+### 9. Missing CSRF Protection on State-Changing Operations (MEDIUM)
+
+**Location:** All PUT/PATCH/DELETE handlers
+
+**Description:** No CSRF tokens or SameSite cookie protection for state-changing operations. While Solid-OIDC DPoP tokens provide some protection, simple Bearer tokens are vulnerable.
+
+**Impact:**
+
+- Cross-site request forgery
+- Unauthorized data modification
+- Account takeover (if combined with XSS)
+
+**CVSS Score:** 6.1 (Medium)
+
+**Fix Required:** Implement CSRF protection for non-DPoP tokens or require SameSite cookies.
+
+---
+
+## Low Severity Vulnerabilities
+
+### 10. Weak Path Traversal Protection in `generateUniqueFilename` (LOW)
+
+**Location:** `src/storage/filesystem.js:132-150`
+
+**Description:** Only removes `/` and `\` but doesn't validate the final path is within bounds.
+
+**Impact:** Limited - only affects POST slug generation, not direct path access.
+
+**CVSS Score:** 3.1 (Low)
+
+---
+
+### 11. Missing Content-Length Validation (LOW)
+
+**Location:** Request body handlers
+
+**Description:** `bodyLimit` is set to 10MB but no per-request validation of Content-Length header.
+
+**Impact:** Potential for request smuggling or resource exhaustion.
+
+**CVSS Score:** 3.5 (Low)
+
+---
+
+### 12. Insufficient Logging of Security Events (LOW)
+
+**Location:** Authentication and authorization handlers
+
+**Description:** Failed authentication attempts are logged but not rate-limited or blocked after repeated failures.
+
+**Impact:** Difficulty detecting brute force attacks.
+
+**CVSS Score:** 2.5 (Low)
+
+---
+
+### 13. CORS Headers Allow All Origins (LOW)
+
+**Location:** `src/ldp/headers.js`
+
+**Description:** CORS headers allow requests from any origin (`*`). While necessary for Solid interoperability, this increases XSS risk.
+
+**Impact:** Increased XSS attack surface.
+
+**CVSS Score:** 3.1 (Low)
+
+**Note:** This may be intentional for Solid protocol compliance.
+
+---
+
+## Positive Security Findings
+
+✅ **Fixed Issues from Previous Audit:**
+
+- ACL bypass (v0.0.49) - Now requires Control permission
+- JWT signature verification (v0.0.49) - Properly verifies against JWKS
+- SSRF protection (v0.0.50) - URL validation implemented
+- Pod creation abuse (v0.0.51) - Rate limited
+- Default token secret (v0.0.51) - Fails in production if not set
+- Rate limiting (v0.0.51) - Basic rate limiting added
+
+✅ **Good Security Practices:**
+
+- Constant-time comparison for HMAC verification
+- Proper bcrypt usage for password hashing
+- DPoP proof validation with timestamp checks
+- SSRF protection with DNS rebinding prevention
+- Path traversal attempt in `generateUniqueFilename`
+- WAC authorization properly implemented
+- No `eval()` or `Function()` usage found
+
+---
+
+## Recommendations
+
+### Immediate Actions (Critical/High)
+
+1. **Fix path traversal vulnerability** - Implement proper path resolution and validation
+2. **Add JSON.parse size limits** - Prevent DoS via malicious JSON
+3. **Harden SPARQL parser** - Use proper parser or strict validation
+4. **Limit WebSocket subscriptions** - Prevent memory exhaustion
+
+### Short-term Actions (Medium)
+
+5. **Expand rate limiting** - Cover all write operations and auth endpoints
+6. **Sanitize error messages** - Remove internal details in production
+7. **Validate Slug header** - Add length and character restrictions
+8. **Add RDF parsing limits** - Prevent Billion Laughs attacks
+
+### Long-term Actions (Low)
+
+9. **Implement CSRF protection** - For non-DPoP authentication
+10. **Enhanced security logging** - Track and alert on suspicious patterns
+11. **Security headers** - Add HSTS, CSP, X-Frame-Options where appropriate
+12. **Regular security audits** - Schedule quarterly reviews
+
+---
+
+## Testing Recommendations
+
+1. **Fuzz testing** - Path traversal, JSON parsing, SPARQL parsing
+2. **Load testing** - WebSocket subscriptions, concurrent requests
+3. **Penetration testing** - Full security assessment
+4. **Dependency scanning** - Check for vulnerable npm packages
+
+---
+
+## Remediation Priority
+
+| Priority | Issue              | Severity | Effort | Target Version |
+| -------- | ------------------ | -------- | ------ | -------------- |
+| P0       | Path traversal     | Critical | Medium | v0.0.52        |
+| P1       | JSON.parse DoS     | High     | Low    | v0.0.52        |
+| P1       | WebSocket DoS      | High     | Low    | v0.0.52        |
+| P2       | SPARQL injection   | High     | High   | v0.0.53        |
+| P2       | Rate limiting gaps | Medium   | Medium | v0.0.53        |
+| P3       | Error disclosure   | Medium   | Low    | v0.0.54        |
+| P3       | Input validation   | Medium   | Low    | v0.0.54        |
+
+---
+
+## Conclusion
+
+While significant security improvements have been made since the previous audit, the path traversal vulnerability requires immediate attention. The codebase shows good security awareness with proper authentication, authorization, and SSRF protection. However, input validation and DoS resistance need strengthening.
+
+**Overall Assessment:** The server is suitable for production use after fixing the critical path traversal issue and implementing the high-priority recommendations.
+
+---
+
+_Report generated: 2026-01-15_  
+_Next audit recommended: 2026-04-15_

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.51",
+  "version": "0.0.52",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",

package/src/auth/nostr.js

@@ -76,6 +76,9 @@ export function extractNostrToken(authHeader) {
   return null;
 }
 
+// Maximum size for Nostr event (64KB should be plenty for auth events)
+const MAX_NOSTR_EVENT_SIZE = 64 * 1024;
+
 /**
  * Decode NIP-98 event from base64 token
  * @param {string} token - Base64 encoded event
@@ -83,7 +86,15 @@ export function extractNostrToken(authHeader) {
  */
 function decodeEvent(token) {
   try {
+    // Security: limit token size before decoding
+    if (token.length > MAX_NOSTR_EVENT_SIZE) {
+      return null;
+    }
     const decoded = Buffer.from(token, 'base64').toString('utf8');
+    // Security: limit decoded size before parsing
+    if (decoded.length > MAX_NOSTR_EVENT_SIZE) {
+      return null;
+    }
     return JSON.parse(decoded);
   } catch {
     return null;

package/src/handlers/container.js

@@ -55,6 +55,18 @@ export async function handlePost(request, reply) {
   const slug = request.headers.slug;
   const linkHeader = request.headers.link || '';
 
+  // Security: validate Slug header
+  if (slug) {
+    // Maximum length check
+    if (slug.length > 255) {
+      return reply.code(400).send({ error: 'Slug header too long (max 255 characters)' });
+    }
+    // Character validation - allow alphanumeric, dots, dashes, underscores
+    if (!/^[a-zA-Z0-9._-]+$/.test(slug)) {
+      return reply.code(400).send({ error: 'Invalid Slug format. Use only alphanumeric characters, dots, dashes, and underscores.' });
+    }
+  }
+
   // Check if creating a container (Link header contains ldp:Container or ldp:BasicContainer)
   const isCreatingContainer = linkHeader.includes('Container') || linkHeader.includes('BasicContainer');
 

package/src/handlers/resource.js

@@ -1,7 +1,7 @@
 import * as storage from '../storage/filesystem.js';
 import { getAllHeaders, getNotFoundHeaders } from '../ldp/headers.js';
 import { generateContainerJsonLd, serializeJsonLd } from '../ldp/container.js';
-import { isContainer, getContentType, isRdfContentType, getEffectiveUrlPath } from '../utils/url.js';
+import { isContainer, getContentType, isRdfContentType, getEffectiveUrlPath, safeJsonParse } from '../utils/url.js';
 import { parseN3Patch, applyN3Patch, validatePatch } from '../patch/n3-patch.js';
 import { parseSparqlUpdate, applySparqlUpdate } from '../patch/sparql-update.js';
 import {
@@ -86,7 +86,7 @@ export async function handleGet(request, reply) {
           const htmlStr = content.toString();
           const jsonLdMatch = htmlStr.match(/<script type="application\/ld\+json"[^>]*>([\s\S]*?)<\/script>/);
           if (jsonLdMatch) {
-            const jsonLd = JSON.parse(jsonLdMatch[1]);
+            const jsonLd = safeJsonParse(jsonLdMatch[1]);
 
             if (wantsTurtle) {
               // Convert to Turtle
@@ -268,7 +268,7 @@ export async function handleGet(request, reply) {
       try {
         const jsonLdMatch = contentStr.match(/<script\s+type=["']application\/ld\+json["']\s*>([\s\S]*?)<\/script>/i);
         if (jsonLdMatch) {
-          const jsonLd = JSON.parse(jsonLdMatch[1]);
+          const jsonLd = safeJsonParse(jsonLdMatch[1]);
           const { content: turtleContent } = await fromJsonLd(jsonLd, 'text/turtle', resourceUrl, true);
 
           const headers = getAllHeaders({
@@ -291,7 +291,7 @@ export async function handleGet(request, reply) {
     } else if (isRdfContentType(storedContentType)) {
       // Plain JSON-LD file
       try {
-        const jsonLd = JSON.parse(contentStr);
+        const jsonLd = safeJsonParse(contentStr);
         // Use Turtle if URL ends with .ttl, otherwise use Accept header preference
         const targetType = wantsTurtle ? 'text/turtle' : selectContentType(acceptHeader, connegEnabled);
         const { content: outputContent, contentType: outputType } = await fromJsonLd(
@@ -650,7 +650,7 @@ export async function handlePatch(request, reply) {
       }
 
       try {
-        document = JSON.parse(jsonLdMatch[1]);
+        document = safeJsonParse(jsonLdMatch[1]);
         // Save the HTML parts for re-embedding after patch
         const jsonLdStart = contentStr.indexOf(jsonLdMatch[0]) + jsonLdMatch[0].indexOf('>') + 1;
         const jsonLdEnd = jsonLdStart + jsonLdMatch[1].length;
@@ -667,7 +667,7 @@ export async function handlePatch(request, reply) {
     } else {
       // Try to parse as JSON-LD first
       try {
-        document = JSON.parse(contentStr);
+        document = safeJsonParse(contentStr);
       } catch (e) {
         // Not JSON - might be Turtle, handle with RDF store for SPARQL Update
         if (isSparqlUpdate) {

package/src/idp/interactions.js

@@ -8,6 +8,9 @@ import { loginPage, consentPage, errorPage, registerPage } from './views.js';
 import * as storage from '../storage/filesystem.js';
 import { createPodStructure } from '../handlers/container.js';
 
+// Security: Maximum body size for IdP form submissions (1MB)
+const MAX_BODY_SIZE = 1024 * 1024;
+
 /**
  * Handle GET /idp/interaction/:uid
  * Shows login or consent page based on interaction state
@@ -56,6 +59,10 @@ export async function handleLogin(request, reply, provider) {
   const contentType = request.headers['content-type'] || '';
 
   if (Buffer.isBuffer(parsedBody)) {
+    // Security: check body size
+    if (parsedBody.length > MAX_BODY_SIZE) {
+      return reply.code(413).type('text/html').send(errorPage('Request Too Large', 'Request body exceeds maximum size.'));
+    }
     const bodyStr = parsedBody.toString();
     if (contentType.includes('application/json')) {
       try {
@@ -69,6 +76,10 @@ export async function handleLogin(request, reply, provider) {
       parsedBody = Object.fromEntries(params.entries());
     }
   } else if (typeof parsedBody === 'string') {
+    // Security: check body size
+    if (parsedBody.length > MAX_BODY_SIZE) {
+      return reply.code(413).type('text/html').send(errorPage('Request Too Large', 'Request body exceeds maximum size.'));
+    }
     // Body might be a string for form-urlencoded
     if (contentType.includes('application/json')) {
       try {
@@ -315,6 +326,10 @@ export async function handleRegisterPost(request, reply, issuer) {
   const contentType = request.headers['content-type'] || '';
 
   if (Buffer.isBuffer(parsedBody)) {
+    // Security: check body size
+    if (parsedBody.length > MAX_BODY_SIZE) {
+      return reply.code(413).type('text/html').send(registerPage(null, 'Request body exceeds maximum size.'));
+    }
     const bodyStr = parsedBody.toString();
     if (contentType.includes('application/json')) {
       try {
@@ -327,6 +342,10 @@ export async function handleRegisterPost(request, reply, issuer) {
       parsedBody = Object.fromEntries(params.entries());
     }
   } else if (typeof parsedBody === 'string') {
+    // Security: check body size
+    if (parsedBody.length > MAX_BODY_SIZE) {
+      return reply.code(413).type('text/html').send(registerPage(null, 'Request body exceeds maximum size.'));
+    }
     const params = new URLSearchParams(parsedBody);
     parsedBody = Object.fromEntries(params.entries());
   }

package/src/notifications/websocket.js

@@ -12,6 +12,10 @@
 
 import { resourceEvents } from './events.js';
 
+// Security limits
+const MAX_SUBSCRIPTIONS_PER_CONNECTION = 100;
+const MAX_URL_LENGTH = 2048;
+
 // Track subscriptions: WebSocket -> Set<url>
 const subscriptions = new Map();
 
@@ -38,6 +42,19 @@ export function handleWebSocket(socket, request) {
     if (msg.startsWith('sub ')) {
       const url = msg.slice(4).trim();
       if (url) {
+        // Security: validate URL length
+        if (url.length > MAX_URL_LENGTH) {
+          socket.send('error: URL too long');
+          return;
+        }
+
+        // Security: check subscription limit
+        const socketSubs = subscriptions.get(socket);
+        if (socketSubs && socketSubs.size >= MAX_SUBSCRIPTIONS_PER_CONNECTION) {
+          socket.send('error: Subscription limit exceeded');
+          return;
+        }
+
         subscribe(socket, url);
         socket.send(`ack ${url}`);
       }

package/src/rdf/conneg.js

@@ -7,6 +7,7 @@
  */
 
 import { turtleToJsonLd, jsonLdToTurtle } from './turtle.js';
+import { safeJsonParse } from '../utils/url.js';
 
 // RDF content types we support
 export const RDF_TYPES = {
@@ -137,7 +138,7 @@ export async function toJsonLd(content, contentType, baseUri, connegEnabled = fa
 
   // JSON-LD or JSON
   if (type === RDF_TYPES.JSON_LD || type === 'application/json' || !type) {
-    return JSON.parse(text);
+    return safeJsonParse(text);
   }
 
   // Turtle/N3 - only if conneg enabled

package/src/server.js

@@ -290,20 +290,35 @@ export function createServer(options = {}) {
     }
   }
 
+  // Rate limit configuration for write operations
+  // Protects against resource exhaustion and abuse
+  const writeRateLimit = {
+    config: {
+      rateLimit: {
+        max: 60,
+        timeWindow: '1 minute',
+        keyGenerator: (request) => request.webId || request.ip
+      }
+    }
+  };
+
   // LDP routes - using wildcard routing
+  // Read operations - no rate limit (handled by bodyLimit)
   fastify.get('/*', handleGet);
   fastify.head('/*', handleHead);
-  fastify.put('/*', handlePut);
-  fastify.delete('/*', handleDelete);
-  fastify.post('/*', handlePost);
-  fastify.patch('/*', handlePatch);
   fastify.options('/*', handleOptions);
 
+  // Write operations - rate limited
+  fastify.put('/*', writeRateLimit, handlePut);
+  fastify.delete('/*', writeRateLimit, handleDelete);
+  fastify.post('/*', writeRateLimit, handlePost);
+  fastify.patch('/*', writeRateLimit, handlePatch);
+
   // Root route
   fastify.get('/', handleGet);
   fastify.head('/', handleHead);
   fastify.options('/', handleOptions);
-  fastify.post('/', handlePost);
+  fastify.post('/', writeRateLimit, handlePost);
 
   return fastify;
 }

package/src/storage/filesystem.js

@@ -133,8 +133,14 @@ export async function generateUniqueFilename(containerPath, slug, isDir = false)
   const basePath = urlToPath(containerPath);
   let name = slug || crypto.randomUUID();
 
-  // Remove any path traversal attempts
+  // Security: Remove any path traversal attempts and problematic characters
   name = name.replace(/[/\\]/g, '-');
+  name = name.replace(/\.\./g, ''); // Remove .. sequences
+
+  // Security: Limit filename length
+  if (name.length > 255) {
+    name = name.substring(0, 255);
+  }
 
   let candidate = path.join(basePath, name);
   let counter = 1;

package/src/utils/url.js

@@ -19,16 +19,30 @@ export function updateDataRoot() {
  * Convert URL path to filesystem path
  * @param {string} urlPath - The URL path (e.g., /alice/profile/)
  * @returns {string} - Filesystem path
+ * @throws {Error} - If path traversal is detected
  */
 export function urlToPath(urlPath) {
   // Normalize: remove leading slash, decode URI
   let normalized = urlPath.startsWith('/') ? urlPath.slice(1) : urlPath;
   normalized = decodeURIComponent(normalized);
 
-  // Security: prevent path traversal
-  normalized = normalized.replace(/\.\./g, '');
+  // Security: remove path traversal attempts (multiple passes for ....// bypass)
+  let previous;
+  do {
+    previous = normalized;
+    normalized = normalized.replace(/\.\./g, '');
+  } while (normalized !== previous);
 
-  return path.join(getDataRoot(), normalized);
+  // Resolve to absolute path and verify it's within DATA_ROOT
+  const dataRoot = path.resolve(getDataRoot());
+  const resolved = path.resolve(dataRoot, normalized);
+
+  // Ensure resolved path is within dataRoot (prevent traversal via path.resolve tricks)
+  if (!resolved.startsWith(dataRoot + path.sep) && resolved !== dataRoot) {
+    throw new Error('Path traversal detected');
+  }
+
+  return resolved;
 }
 
 /**
@@ -37,17 +51,33 @@ export function urlToPath(urlPath) {
  * @param {string} urlPath - The URL path (e.g., /public/file.txt)
  * @param {string} podName - The pod name from subdomain (e.g., "alice")
  * @returns {string} - Filesystem path (e.g., DATA_ROOT/alice/public/file.txt)
+ * @throws {Error} - If path traversal is detected
  */
 export function urlToPathWithPod(urlPath, podName) {
   // Normalize: remove leading slash, decode URI
   let normalized = urlPath.startsWith('/') ? urlPath.slice(1) : urlPath;
   normalized = decodeURIComponent(normalized);
 
-  // Security: prevent path traversal
-  normalized = normalized.replace(/\.\./g, '');
+  // Security: remove path traversal attempts (multiple passes for ....// bypass)
+  let previous;
+  do {
+    previous = normalized;
+    normalized = normalized.replace(/\.\./g, '');
+  } while (normalized !== previous);
+
+  // Also sanitize podName
+  let safePodName = podName.replace(/\.\./g, '');
+
+  // Resolve to absolute path and verify it's within DATA_ROOT
+  const dataRoot = path.resolve(getDataRoot());
+  const resolved = path.resolve(dataRoot, safePodName, normalized);
+
+  // Ensure resolved path is within dataRoot (prevent traversal via path.resolve tricks)
+  if (!resolved.startsWith(dataRoot + path.sep) && resolved !== dataRoot) {
+    throw new Error('Path traversal detected');
+  }
 
-  // Prepend pod name to path
-  return path.join(getDataRoot(), podName, normalized);
+  return resolved;
 }
 
 /**
@@ -161,3 +191,20 @@ export function isRdfContentType(contentType) {
   ];
   return rdfTypes.includes(contentType);
 }
+
+// Security: Maximum JSON size for parsing (10MB)
+const MAX_JSON_SIZE = 10 * 1024 * 1024;
+
+/**
+ * Safely parse JSON with size limit to prevent DoS
+ * @param {string} jsonString - The JSON string to parse
+ * @param {number} maxSize - Maximum allowed size (default 10MB)
+ * @returns {object} - Parsed JSON object
+ * @throws {Error} - If JSON is too large or invalid
+ */
+export function safeJsonParse(jsonString, maxSize = MAX_JSON_SIZE) {
+  if (jsonString.length > maxSize) {
+    throw new Error(`JSON exceeds maximum size of ${maxSize} bytes`);
+  }
+  return JSON.parse(jsonString);
+}