Skip to content

fix: restrict CORS headers to localhost origins instead of wildcard#1

Open
devin-ai-integration[bot] wants to merge 1 commit into
mainfrom
devin/1782257614-fix-cors-wildcard-headers
Open

fix: restrict CORS headers to localhost origins instead of wildcard#1
devin-ai-integration[bot] wants to merge 1 commit into
mainfrom
devin/1782257614-fix-cors-wildcard-headers

Conversation

@devin-ai-integration

Copy link
Copy Markdown

Summary

The helper server's HTTP responses included Access-Control-Allow-Origin: * in all 4 CORS emission points — the inline OPTIONS/general responses in handle_helper_connection, plus write_http_response and write_http_stream_headers. While the server already binds to 127.0.0.1 (loopback only), the wildcard CORS policy allows any web page (e.g. a malicious site a user visits) to make cross-origin requests to the local helper, potentially exfiltrating data or triggering actions.

Fix: Three new functions replace the hardcoded *:

fn cors_allowed_origin(request: &str) -> String
// Extracts Origin header, returns it only if is_local_origin() passes

fn is_local_origin(origin: &str) -> bool
// Whitelists: 127.0.0.1, localhost, [::1], ::1, and \"null\" (file:// origins)

fn cors_headers_for_origin(allowed_origin: &str) -> String
// Emits Access-Control-Allow-Origin + Vary: Origin, or empty string for rejected origins

The allowed_origin is computed once in handle_helper_connection and threaded through handle_models_proxy_connection, handle_protocol_proxy_connection, handle_chat_completions_proxy_connection, write_http_response, and write_http_stream_headers. Non-local origins receive no CORS headers (browser blocks the request).

Link to Devin session: https://app.devin.ai/sessions/dff844c4d3f9469e8748f06ca1cecd92
Requested by: @ManhND226677

Replace Access-Control-Allow-Origin: * with origin validation that only
allows requests from local addresses (127.0.0.1, localhost, [::1]).

The helper server already binds to 127.0.0.1 (loopback only), but the
wildcard CORS header unnecessarily allows any web page to make
cross-origin requests to it. This hardens the security posture by:

- Adding cors_allowed_origin() to extract and validate the Origin header
- Adding is_local_origin() to whitelist only loopback addresses
- Adding cors_headers_for_origin() to conditionally emit CORS headers
- Adding Vary: Origin header for correct caching behavior
- Updating all 4 CORS locations: inline responses, write_http_response,
  write_http_stream_headers, and all proxy handler call sites

Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
@ManhND226677 ManhND226677 self-assigned this Jun 23, 2026
@devin-ai-integration

Copy link
Copy Markdown
Author

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment, CI, and merge conflict monitoring

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant