thevoidforge 21.0.15 → 21.0.17

package/dist/wizard/api/terminal.js

@@ -21,7 +21,8 @@ import { getSessionPassword } from './credentials.js';
 import { getServerPort, getServerHost } from '../lib/server-config.js';
 import { parseJsonBody } from '../lib/body-parser.js';
 import { createSession, writeToSession, onSessionData, resizeSession, killSession, listSessions, } from '../lib/pty-manager.js';
-import { validateSession, parseSessionCookie, getClientIp, isRemoteMode } from '../lib/tower-auth.js';
+import { validateSession, parseSessionCookie, getClientIp, isRemoteMode, isLanMode } from '../lib/tower-auth.js';
+import { isPrivateOrigin } from '../lib/network.js';
 import { hasProjectAccess } from '../lib/user-manager.js';
 import { findByDirectory } from '../lib/project-registry.js';
 import { sendJson } from '../lib/http-helpers.js';
@@ -168,7 +169,11 @@ export function handleTerminalUpgrade(req, socket, head, userSession) {
     if (remoteHost) {
         allowedOrigins.push(`https://${remoteHost}`);
     }
-    if (!origin || !allowedOrigins.includes(origin)) {
+    // LAN mode: accept any private IP origin (matches CORS handler in server.ts)
+    const isAllowed = allowedOrigins.includes(origin)
+        || (isLanMode() && isPrivateOrigin(origin));
+    if (!origin || !isAllowed) {
+        console.log(`  PTY WS rejected: origin=${origin} allowed=${JSON.stringify(allowedOrigins)} lan=${isLanMode()}`);
         socket.write('HTTP/1.1 403 Forbidden\r\n\r\n');
         socket.destroy();
         return;

package/dist/wizard/lib/pty-manager.js

@@ -27,6 +27,15 @@ const MAX_SESSIONS_REMOTE = 20; // 5 per project, 20 total across all projects
 const IDLE_TIMEOUT_MS = 30 * 60 * 1000; // 30 minutes
 // SEC-004/QA-003: Whitelist of allowed initial commands — prevent arbitrary command injection
 const ALLOWED_INITIAL_COMMANDS = ['claude', 'claude --dangerously-skip-permissions', 'bash', 'zsh', 'sh', 'npm run dev', 'npm start', 'npm test'];
+// Also allow claude with slash commands (e.g., "claude /campaign --blitz")
+function isAllowedCommand(cmd) {
+    if (ALLOWED_INITIAL_COMMANDS.includes(cmd))
+        return true;
+    // Allow: claude [slash-command] [flags]
+    if (/^claude\s+\/[a-z]/.test(cmd))
+        return true;
+    return false;
+}
 // SEC-013: Safe environment keys — no credential leakage into PTY sessions
 // ANTHROPIC_API_KEY included only in local mode (user's own key).
 // In remote mode, operator's API key must NOT leak to deployer-role users.
@@ -98,6 +107,7 @@ export async function createSession(projectDir, projectName, label, initialComma
         // For scaffold/spec purposes, we document the intent
         safeEnv['VOIDFORGE_REMOTE'] = '1';
     }
+    console.log(`  PTY spawn: shell=${shell} cwd=${projectDir} cmd=${initialCommand ?? '(none)'} PATH=${safeEnv['PATH']?.slice(0, 80) ?? 'UNSET'}`);
     const ptyProcess = nodePty.spawn(shell, [], spawnOptions);
     const session = {
         id,
@@ -142,7 +152,8 @@ export async function createSession(projectDir, projectName, label, initialComma
         audit('terminal_start', '', username, { sessionId: id, project: projectName, label }).catch(() => { });
     }
     // SEC-004/QA-003: Validate initial command against whitelist
-    if (initialCommand && !ALLOWED_INITIAL_COMMANDS.includes(initialCommand)) {
+    if (initialCommand && !isAllowedCommand(initialCommand)) {
+        console.log(`  PTY: rejected command "${initialCommand}" (not in whitelist)`);
         initialCommand = undefined;
     }
     // Auto-run initial command after a short delay (let shell init complete)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "thevoidforge",
-  "version": "21.0.15",
+  "version": "21.0.17",
   "description": "From nothing, everything. A methodology framework for building with Claude Code.",
   "type": "module",
   "engines": {