Fix 6 security issues from post-FR audit
- Fix 3 missing CSRF tokens on admin user delete/reset and account
key delete forms (were broken — CSRFProtect rejected submissions)
- Fix trust store path traversal: untrust_key() now validates
fingerprint format ([0-9a-f]{32}) and checks resolved path
- Fix chain key rotation: old key is now revoked after rotation
record, preventing compromised old keys from appending records
- Fix SSRF in deadman webhook: block private/internal IP targets
- Fix logout CSRF: /logout is now POST-only with CSRF token,
preventing cross-site forced logout via img tags
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Aaron D. Lee
@@ -65,12 +65,14 @@
|
||||
{% if user.id != current_user.id %}
|
||||
<form method="POST" action="{{ url_for('admin_reset_password', user_id=user.id) }}"
|
||||
class="d-inline" onsubmit="return confirm('Reset password for {{ user.username }}?')">
|
||||
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
|
||||
<button type="submit" class="btn btn-sm btn-outline-warning" title="Reset Password">
|
||||
<i class="bi bi-key"></i>
|
||||
</button>
|
||||
</form>
|
||||
<form method="POST" action="{{ url_for('admin_delete_user', user_id=user.id) }}"
|
||||
class="d-inline" onsubmit="return confirm('Delete user {{ user.username }}? This cannot be undone.')">
|
||||
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
|
||||
<button type="submit" class="btn btn-sm btn-outline-danger" title="Delete User">
|
||||
<i class="bi bi-trash"></i>
|
||||
</button>
|
||||
|
||||
Reference in New Issue
Block a user