Transport Security: Finish Cookie Hardening, TLS Verification, and Proxy Controls #7

New Issue

Closed

opened 2026-03-29 08:35:00 -05:00 by yusiboyz · 1 comment

yusiboyz commented 2026-03-29 08:35:00 -05:00

Owner

Copy Link

This issue covers cookie, HTTPS, TLS verification, and proxy hardening.

Problems:

• Gateway cookie handling was partially hardened but logout cookie clearing is still inconsistent
• Gateway still disables TLS certificate and hostname verification globally
• Image proxy now has an allowlist, but transport verification is still weakened

Files:

• gateway/responses.py
• gateway/auth.py
• gateway/config.py
• gateway/integrations/image_proxy.py

Acceptance criteria:

• Session set and clear operations use consistent secure cookie attributes
• TLS certificate and hostname verification are enabled by default
• Any exceptions for internal services are explicitly scoped, not global
• Image proxy remains allowlisted and rejects internal/private targets

This issue covers cookie, HTTPS, TLS verification, and proxy hardening. Problems: - Gateway cookie handling was partially hardened but logout cookie clearing is still inconsistent - Gateway still disables TLS certificate and hostname verification globally - Image proxy now has an allowlist, but transport verification is still weakened Files: - gateway/responses.py - gateway/auth.py - gateway/config.py - gateway/integrations/image_proxy.py Acceptance criteria: - Session set and clear operations use consistent secure cookie attributes - TLS certificate and hostname verification are enabled by default - Any exceptions for internal services are explicitly scoped, not global - Image proxy remains allowlisted and rejects internal/private targets

yusiboyz added this to the Immediate milestone 2026-03-29 08:43:51 -05:00

yusiboyz referenced this issue 2026-03-29 08:43:51 -05:00

Production Security and Readiness Remediation #1

yusiboyz referenced this issue from a commit 2026-03-29 09:13:39 -05:00

fix: TLS verification, cookie hardening, and proxy transport (#7)

yusiboyz closed this issue 2026-03-29 09:13:39 -05:00

yusiboyz referenced this issue from a commit 2026-03-29 09:35:40 -05:00

fix: remaining security and deployment hardening (#6 #7 #10)

yusiboyz referenced this issue from a commit 2026-03-29 13:46:13 -05:00

fix(gateway): remove no-verify SSL context from proxy (#7)

yusiboyz commented 2026-03-29 13:50:24 -05:00

Author

Owner

Copy Link

Completed in 7c05ef1 + 9e13984 — _internal_ssl_ctx removed entirely. proxy.py uses plain urlopen() (all internal services are HTTP). ssl import removed from config.py. External calls (OpenAI, SMTP2GO) use default TLS.

**Completed in 7c05ef1 + 9e13984** — _internal_ssl_ctx removed entirely. proxy.py uses plain urlopen() (all internal services are HTTP). ssl import removed from config.py. External calls (OpenAI, SMTP2GO) use default TLS.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

No results found.

Labels

Clear labels

auth

critical

dependencies

high

immediate

medium

next

ops

performance

security

No Label

Milestone

No items

No Milestone Immediate

Projects

Clear projects

No project

Assignees

Clear assignees

yusiboyz

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: yusiboyz/platform#7