superlocalmemory 3.4.19 → 3.4.22

package/src/superlocalmemory/server/middleware/security_headers.py

@@ -0,0 +1,144 @@
+# Copyright (c) 2026 Varun Pratap Bhardwaj / Qualixar
+# Licensed under AGPL-3.0-or-later - see LICENSE file
+# Part of SuperLocalMemory v3.4.22 — LLD-04 §4.2 (v2)
+
+"""Strict security-headers ASGI middleware for the Brain UI.
+
+LLD-04 §4.2 v2 — deterministic, allow-list-only policy:
+
+    content-security-policy: default-src 'self'; script-src 'self';
+                             style-src 'self'; img-src 'self' data:;
+                             connect-src 'self'; frame-ancestors 'none';
+                             base-uri 'self'; form-action 'self'
+    x-content-type-options:  nosniff
+    x-frame-options:         DENY
+    referrer-policy:         no-referrer
+    permissions-policy:      interest-cohort=(), microphone=(),
+                             camera=(), geolocation=()
+
+Design decisions (from LLD-04 §4.2 Policy block):
+
+* **No CSP nonce.** Nonce plumbing was the most common v1 bug; removing
+  it entirely means there is literally no path for an inline script/style
+  to execute — ``script-src 'self'`` blocks all of them.
+* **Deterministic bytes.** The header tuple is a module-level constant.
+  No per-request computation, no string concatenation, no dependency on
+  request state. This keeps the middleware O(1) and cheap.
+* **Works on error responses.** Because we wrap ``send`` itself, the
+  headers land on 401s, 500s, and body-less responses alike — not only
+  on successful handlers. Regression tested in ``test_headers.py``.
+"""
+
+from __future__ import annotations
+
+from starlette.types import ASGIApp, Receive, Scope, Send
+
+
+# Deterministic, module-level, immutable.  Every request gets the same bytes.
+# Keeping the declaration as a tuple of (name, value) bytes pairs avoids any
+# per-request allocation in the hot path.
+_HEADERS: tuple[tuple[bytes, bytes], ...] = (
+    (
+        b"content-security-policy",
+        (
+            b"default-src 'self'; "
+            b"script-src 'self'; "
+            b"style-src 'self'; "
+            b"img-src 'self' data:; "
+            b"connect-src 'self'; "
+            b"frame-ancestors 'none'; "
+            b"base-uri 'self'; "
+            b"form-action 'self'"
+        ),
+    ),
+    (b"x-content-type-options", b"nosniff"),
+    (b"x-frame-options", b"DENY"),
+    (b"referrer-policy", b"no-referrer"),
+    (
+        b"permissions-policy",
+        b"interest-cohort=(), microphone=(), camera=(), geolocation=()",
+    ),
+)
+
+
+# Set of header names (lower-case bytes) we own. We strip existing values
+# from downstream responses so we never double-up if another middleware
+# already set a looser variant.
+_OWNED_NAMES: frozenset[bytes] = frozenset(name for name, _ in _HEADERS)
+
+
+# LLD-04 §4.2 v2 scope note: the strict policy applies to the Brain API and
+# any Brain-scoped static endpoints. Pre-existing dashboard routes (``/``,
+# ``/ui/*``, ``/static/*``, other tabs) currently load vendor libraries
+# (Bootstrap, Bootstrap Icons, Inter font, D3, Sigma, graphology) from CDNs
+# and would break under ``script-src 'self'`` until those assets are vendored
+# locally (tracked for v3.4.22 vendoring work). Applying the strict set there
+# produced a user-visible regression during Stage 6 delivery-lead review,
+# which contradicts LLD-04's user-benefit goal. This middleware therefore
+# enforces the strict set on the routes that actually need it today —
+# ``/api/v3/brain*`` and the deprecated brain shims — and is a no-op on
+# everything else. The existing ``server/security_middleware.py`` keeps
+# emitting its legacy headers on the remaining routes.
+_STRICT_SCOPE_PREFIXES: tuple[bytes, ...] = (
+    b"/api/v3/brain",
+    b"/api/v3/learning/stats",
+    b"/api/v3/patterns",
+    b"/api/v3/behavioral",
+)
+
+
+def _is_strict_path(raw_path: bytes) -> bool:
+    for prefix in _STRICT_SCOPE_PREFIXES:
+        if raw_path == prefix or raw_path.startswith(prefix + b"/") \
+                or raw_path.startswith(prefix + b"?"):
+            return True
+    return False
+
+
+class SecurityHeadersMiddleware:
+    """ASGI middleware that injects the strict v2 header set on Brain routes.
+
+    Unlike ``BaseHTTPMiddleware``, this wraps ``send`` directly so we can
+    act on the ``http.response.start`` event before the client sees any
+    headers. That guarantees coverage of exception responses, ``Response``
+    objects from ``HTTPException`` handlers, and streaming responses — all
+    of which skip ``BaseHTTPMiddleware``'s dispatch flow in edge cases.
+
+    Scope: see ``_STRICT_SCOPE_PREFIXES``. Outside that scope the middleware
+    passes through untouched so pre-existing dashboard CSP policy still
+    governs index/static responses until the vendoring work in v3.4.22.
+    """
+
+    def __init__(self, app: ASGIApp) -> None:
+        self.app = app
+
+    async def __call__(
+        self, scope: Scope, receive: Receive, send: Send,
+    ) -> None:
+        # Only HTTP responses get headers. Websocket / lifespan skip.
+        if scope.get("type") != "http":
+            return await self.app(scope, receive, send)
+
+        raw_path = scope.get("raw_path") or scope.get("path", "").encode("latin-1")
+        if not _is_strict_path(raw_path):
+            return await self.app(scope, receive, send)
+
+        async def _send(message: dict) -> None:
+            if message.get("type") == "http.response.start":
+                existing = list(message.get("headers") or [])
+                # Strip any existing copies of our owned headers so we
+                # never emit duplicates.
+                filtered = [
+                    (name, value)
+                    for name, value in existing
+                    if name.lower() not in _OWNED_NAMES
+                ]
+                for name, value in _HEADERS:
+                    filtered.append((name, value))
+                message["headers"] = filtered
+            await send(message)
+
+        await self.app(scope, receive, _send)
+
+
+__all__ = ("SecurityHeadersMiddleware", "_is_strict_path", "_STRICT_SCOPE_PREFIXES")

package/src/superlocalmemory/server/routes/backup.py

@@ -303,13 +303,36 @@ p {{ color: #999; margin: 0 0 20px; font-size: 13px; }}
 </div></body></html>"""
 
 
+# S8-SEC-04: OAuth success / error pages render user-influenced strings
+# (``error``, ``error_description``, provider ``message`` / ``title``).
+# ``str.format`` doesn't escape HTML, so a hostile OAuth callback can
+# inject ``<script>`` into these pages. These helpers HTML-escape every
+# interpolated value before emitting the template.
+import html as _html
+
+
+def _oauth_error_page(icon: str, error: str) -> str:
+    return _OAUTH_ERROR_HTML.format(
+        icon=_html.escape(str(icon), quote=True),
+        error=_html.escape(str(error), quote=True),
+    )
+
+
+def _oauth_success_page(icon: str, title: str, message: str) -> str:
+    return _OAUTH_SUCCESS_HTML.format(
+        icon=_html.escape(str(icon), quote=True),
+        title=_html.escape(str(title), quote=True),
+        message=_html.escape(str(message), quote=True),
+    )
+
+
 # ---- Google OAuth SSO Flow ------------------------------------------------
 
 @router.get("/api/backup/oauth/google/start")
 async def google_oauth_start(request: Request):
     """Start Google OAuth2 flow — redirects to Google's login page."""
     if not CLOUD_AVAILABLE:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x26A0;", error="Cloud backup module not available"))
+        return HTMLResponse(_oauth_error_page(icon="&#x26A0;", error="Cloud backup module not available"))
 
     from superlocalmemory.infra.cloud_backup import _get_credential
 
@@ -424,10 +447,10 @@ async function saveAndConnect() {
 async def google_oauth_callback(request: Request, code: str = "", error: str = ""):
     """Google OAuth2 callback — exchanges code for tokens."""
     if error:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error=f"Google denied access: {error}"))
+        return HTMLResponse(_oauth_error_page(icon="&#x274C;", error=f"Google denied access: {error}"))
 
     if not code:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error="No authorization code received"))
+        return HTMLResponse(_oauth_error_page(icon="&#x274C;", error="No authorization code received"))
 
     base_url = str(request.base_url).rstrip("/")
     redirect_uri = f"{base_url}/api/backup/oauth/google/callback"
@@ -435,9 +458,9 @@ async def google_oauth_callback(request: Request, code: str = "", error: str = "
     result = connect_google_drive(code, redirect_uri)
 
     if "error" in result:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error=result["error"]))
+        return HTMLResponse(_oauth_error_page(icon="&#x274C;", error=result["error"]))
 
-    return HTMLResponse(_OAUTH_SUCCESS_HTML.format(
+    return HTMLResponse(_oauth_success_page(
         icon="&#x2601;&#xFE0F;",
         title="Google Drive Connected!",
         message=f"Signed in as {result.get('email', 'unknown')}. Your memories will be backed up automatically."
@@ -453,7 +476,7 @@ async def google_oauth_callback(request: Request, code: str = "", error: str = "
 async def github_oauth_start(request: Request):
     """Start GitHub OAuth flow."""
     if not CLOUD_AVAILABLE:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x26A0;", error="Cloud backup module not available"))
+        return HTMLResponse(_oauth_error_page(icon="&#x26A0;", error="Cloud backup module not available"))
 
     from superlocalmemory.infra.cloud_backup import _get_credential
 
@@ -553,10 +576,10 @@ async function doConnect() {
 async def github_oauth_callback(request: Request, code: str = "", error: str = ""):
     """GitHub OAuth callback — exchanges code for access token."""
     if error:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error=f"GitHub denied access: {error}"))
+        return HTMLResponse(_oauth_error_page(icon="&#x274C;", error=f"GitHub denied access: {error}"))
 
     if not code:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error="No authorization code received"))
+        return HTMLResponse(_oauth_error_page(icon="&#x274C;", error="No authorization code received"))
 
     from superlocalmemory.infra.cloud_backup import _get_credential, _store_credential
     import httpx
@@ -565,7 +588,7 @@ async def github_oauth_callback(request: Request, code: str = "", error: str = "
     gh_client_secret = _get_credential("github_client_secret")
 
     if not gh_client_id or not gh_client_secret:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error="GitHub OAuth App not configured"))
+        return HTMLResponse(_oauth_error_page(icon="&#x274C;", error="GitHub OAuth App not configured"))
 
     try:
         # Exchange code for access token
@@ -578,18 +601,18 @@ async def github_oauth_callback(request: Request, code: str = "", error: str = "
         data = resp.json()
         access_token = data.get("access_token")
         if not access_token:
-            return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error=data.get("error_description", "Failed to get access token")))
+            return HTMLResponse(_oauth_error_page(icon="&#x274C;", error=data.get("error_description", "Failed to get access token")))
 
         # Use the token to connect
         result = connect_github(access_token, "slm-backup")
         if "error" in result:
-            return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error=result["error"]))
+            return HTMLResponse(_oauth_error_page(icon="&#x274C;", error=result["error"]))
 
-        return HTMLResponse(_OAUTH_SUCCESS_HTML.format(
+        return HTMLResponse(_oauth_success_page(
             icon="&#x2705;",
             title="GitHub Connected!",
             message=f"Repository: {result.get('repo', 'slm-backup')}. Your memories will be backed up automatically."
         ))
 
     except Exception as exc:
-        return HTMLResponse(_OAUTH_ERROR_HTML.format(icon="&#x274C;", error=str(exc)))
+        return HTMLResponse(_oauth_error_page(icon="&#x274C;", error=str(exc)))

package/src/superlocalmemory/server/routes/behavioral.py

@@ -96,7 +96,7 @@ async def behavioral_status():
 
 @router.post("/api/behavioral/report-outcome")
 async def report_outcome(data: dict):
-    """Record an action outcome for behavioral learning.
+    """Record an explicit dashboard-reported outcome.
 
     Body: {
         memory_ids: [str, ...],
@@ -104,10 +104,15 @@ async def report_outcome(data: dict):
         action_type: str (optional),
         context: str (optional)
     }
-    """
-    if not BEHAVIORAL_AVAILABLE:
-        return {"success": False, "error": "Behavioral engine not available"}
 
+    S9-DASH-02: previously this handler passed a path string to
+    ``OutcomeTracker(db)`` (which expects a DatabaseManager) and also
+    targeted ``learning.db`` — but ``action_outcomes`` lives in
+    ``memory.db`` (M006). Both failures were silent. This rewrite
+    writes directly to ``action_outcomes`` with a reward label derived
+    from ``outcome``:
+      success=1.0, failure=0.0, partial=0.5
+    """
     memory_ids = data.get('memory_ids')
     outcome = data.get('outcome')
     action_type = data.get('action_type', 'other')
@@ -120,26 +125,52 @@ async def report_outcome(data: dict):
     if outcome not in valid_outcomes:
         return {"success": False, "error": f"outcome must be one of: {valid_outcomes}"}
 
+    import sqlite3
+    import time
+    import uuid
+    from datetime import datetime, timezone
+
+    reward_map = {"success": 1.0, "failure": 0.0, "partial": 0.5}
+    reward = reward_map[outcome]
+    now_iso = datetime.now(timezone.utc).isoformat()
+    outcome_id = str(uuid.uuid4())
+    memory_db_path = MEMORY_DIR / "memory.db"
+
     try:
         profile = get_active_profile()
-        tracker = OutcomeTracker(str(LEARNING_DB))
-
-        context_dict = {"note": context_note} if context_note else {}
-        row_id = tracker.record_outcome(
-            memory_ids=memory_ids,
-            outcome=outcome,
-            action_type=action_type,
-            context=context_dict,
-            project=profile,
-        )
-
-        if row_id is None:
-            return {"success": False, "error": "Failed to record outcome"}
+        context_dict = {
+            "note": context_note,
+            "action_type": action_type,
+            "source": "dashboard_report_outcome",
+        }
+        conn = sqlite3.connect(str(memory_db_path), timeout=5.0)
+        try:
+            conn.execute("PRAGMA busy_timeout=5000")
+            conn.execute(
+                "INSERT INTO action_outcomes "
+                "(outcome_id, profile_id, query, fact_ids_json, outcome, "
+                " context_json, timestamp, reward, settled, settled_at) "
+                "VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1, ?)",
+                (
+                    outcome_id, profile, "",
+                    json.dumps(memory_ids),
+                    outcome,
+                    json.dumps(context_dict),
+                    now_iso, reward, now_iso,
+                ),
+            )
+            conn.commit()
+        finally:
+            conn.close()
 
         return {
-            "success": True, "outcome_id": row_id,
+            "success": True, "outcome_id": outcome_id,
             "active_profile": profile,
-            "message": f"Recorded {outcome} outcome for {len(memory_ids)} memories",
+            "reward": reward,
+            "message": (
+                f"Recorded {outcome} outcome for {len(memory_ids)} "
+                f"memories (reward={reward})"
+            ),
         }
     except Exception as e:
         logger.error("report_outcome error: %s", e)