Summary
This release includes significant security hardening, bug fixes for enterprise app handling, an update to use the new FDM API for primary detection, and improved app installation tracking.
Changes
Security Improvements
- Path Sanitization: Created shared pathSecurity.js utility with sanitizePath() and validateFilename() functions to prevent directory traversal attacks
- SSRF Protection: Implemented urlSecurity.js with DNS validation for redirect targets, protecting against Server-Side Request Forgery attacks
- Symlink Escape Prevention: Added protections to prevent malicious symlink-based directory escapes
- Whitelist-based Validation: Switched from blocking bad patterns to allowing only specific safe patterns (defense-in-depth approach)
- Applied security fixes across multiple services: fluxshareService, backupRestoreService, fileSystemManager, fileQueryService
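
The following is an added example, not the project's pathSecurity.js: one way to combine an allowlist filename check with a containment check that also follows symlinks, covering the traversal and symlink-escape cases listed above. The names isAllowedFilename, canonical and resolveInside and the temporary directory layout are assumptions made for illustration.

```javascript
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// Allowlist: accept only names made of known-safe characters rather than
// trying to enumerate every dangerous one ("..", "/", "\\", NUL, ...).
const SAFE_NAME = /^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$/;
const isAllowedFilename = (name) =>
  typeof name === 'string' && SAFE_NAME.test(name) && !name.includes('..');

// True when `p` is `base` itself or lies underneath it.
const isWithin = (base, p) => p === base || p.startsWith(base + path.sep);

// Canonicalise `p`, following symlinks in the part that exists on disk.
// lstat (not stat): a dangling symlink counts as existing, so realpathSync throws.
function canonical(p) {
  const tail = [];
  let cur = p;
  while (!fs.lstatSync(cur, { throwIfNoEntry: false })) {
    tail.unshift(path.basename(cur));
    cur = path.dirname(cur);
  }
  return path.join(fs.realpathSync(cur), ...tail);
}

// Resolve `relative` under `baseDir`; throw unless the result stays inside.
function resolveInside(baseDir, relative) {
  const base = fs.realpathSync(baseDir);
  const candidate = path.resolve(base, relative);
  if (!isWithin(base, candidate)) throw new Error('traversal'); // "../", absolute paths
  const real = canonical(candidate);
  if (!isWithin(base, real)) throw new Error('symlink escape');
  return real;
}

// Constructed layout: base/report.txt, and base/link -> ../outside
function demo() {
  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), 'pathsec-'));
  const base = path.join(tmp, 'base');
  fs.mkdirSync(base);
  fs.mkdirSync(path.join(tmp, 'outside'));
  fs.writeFileSync(path.join(base, 'report.txt'), 'ok');
  fs.symlinkSync(path.join(tmp, 'outside'), path.join(base, 'link'));
  const verdict = (rel) => {
    try { resolveInside(base, rel); return 'allowed'; } catch (e) { return e.message; }
  };
  const out = ['report.txt', 'new/file.txt', '../outside/x', 'link/new.txt'].map(verdict);
  fs.rmSync(tmp, { recursive: true, force: true });
  return out;
}
```

The containment check is a point-in-time result: if another process can modify the directory tree between the check and the file operation, the check has to be paired with opening the file in a way that does not follow newly created links.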
Bug Fixes
- Enterprise App Removal: Fixed database corruption issue on non-Arcane nodes by checking for enterprise apps before updating database and properly restoring non-enterprise specs for cleanup
- Code Refactor: Extracted findAndRestoreNonEnterpriseSpecs() helper function to eliminate code duplication between startup and reinstall functions
Enhancements
- FDM API Integration: Updated masterSlaveApps function to use the new FDM /appips API for G-mode app primary detection
- Hardware Discount Logic: Restricted hardware discounts to apps with a maximum of 3 instances
App Installation Tracking (PR #1638)
- Adjusted fluxappinstalling TTL to 15 minutes for better tracking accuracy
- Added automatic cleanup to remove apps from the installing database when an app is running or has failed to install
Testing
- Added unit tests for pathSecurity.js utility
- Added unit tests for urlSecurity.js utility