coder

History

Dean Sheather 0374af23b2 fix(security)!: path-based app sharing changes (#5772 ) This commit disables path-based app sharing by default. It is possible for a workspace app on a path (not a subdomain) to make API requests to the Coder API. When accessing your own workspace, this is not much of a problem. When accessing a shared workspace app, the workspace owner could include malicious javascript in the page that makes requests to the Coder API on behalf of the visitor. This vulnerability does not affect subdomain apps. - Disables path-based app sharing by default. Previous behavior can be restored using the `--dangerous-allow-path-app-sharing` flag which is not recommended. - Disables users with the site "owner" role from accessing path-based apps from workspaces they do not own. Previous behavior can be restored using the `--dangerous-allow-path-app-site-owner-access` flag which is not recommended. - Adds a flag `--disable-path-apps` which can be used by security-conscious admins to disable all path-based apps across the entire deployment. This check is enforced at app-access time, not at template-ingest time.	2023-01-18 22:56:14 +00:00
..
config.go	fix(security)!: path-based app sharing changes (#5772 )	2023-01-18 22:56:14 +00:00
config_test.go	feat: add --experiments flag to replace --experimental (#5767 )	2023-01-18 19:12:53 +00:00

fix(security)!: path-based app sharing changes (#5772 )

This commit disables path-based app sharing by default. It is possible
for a workspace app on a path (not a subdomain) to make API requests to
the Coder API. When accessing your own workspace, this is not much of a
problem. When accessing a shared workspace app, the workspace owner
could include malicious javascript in the page that makes requests to
the Coder API on behalf of the visitor.

This vulnerability does not affect subdomain apps.

- Disables path-based app sharing by default. Previous behavior can be
  restored using the `--dangerous-allow-path-app-sharing` flag which is
  not recommended.

- Disables users with the site "owner" role from accessing path-based
  apps from workspaces they do not own. Previous behavior can be
  restored using the `--dangerous-allow-path-app-site-owner-access` flag
  which is not recommended.

- Adds a flag `--disable-path-apps` which can be used by
  security-conscious admins to disable all path-based apps across the
  entire deployment. This check is enforced at app-access time, not at
  template-ingest time.

2023-01-18 22:56:14 +00:00

config.go

fix(security)!: path-based app sharing changes (#5772 )

2023-01-18 22:56:14 +00:00

config_test.go

feat: add --experiments flag to replace --experimental (#5767 )

2023-01-18 19:12:53 +00:00