Skip to content

feat(security): non-bypassable SSRF guard (M3a) #70

Description

@williamdewitt

Part of #9 (M3 epic). Decomposed slice M3a. risk:critical — security-sensitive, human-merge + linked design update. Not agent-labelled yet (flip on when ready to supervise an autonomous build).

Acceptance criteria

  • An SSRF guard on outbound delivery: HTTPS-only, IP filtering (block private/loopback/link-local/cloud-metadata ranges), connect-time anti-rebinding (resolve + pin, re-check at connect), no redirects followed, with a policy seam to customise allow/deny.
  • Non-bypassable — enforced inside the delivery HTTP path, not an optional per-call flag.
  • Fail-fast + observable (rejections surfaced/metered).
  • Tests cover blocked schemes, blocked IP ranges, DNS-rebinding, and redirect refusal.

Definition of done

  • Builds net8.0+net10.0, 0 warnings; tests green; linked design update (docs/concepts/security.md).

Design: docs/concepts/security.md; docs/design/decisions.md (#4). Foundational — M3b builds on this.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area:deliveryDelivery loop / dispatcher / retry / signingarea:securitySSRF guard, signing, secret-at-rest, receiver verifypriority:p2Normal priorityreadyHas acceptance criteria + DoD; pickable by the looprisk:criticalSSRF/signing/secret/public-API/migrations; review + design (Opus, max)type:featNew feature

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions