🛡️ Sentinel: API Security Enhancements#85
Conversation
…sanitization - Sanitize Pydantic validation errors in `create_item` to prevent information leakage of input data and internal URLs. - Add length validation (1-50 characters) to the `id` path parameter in `get_item` for defense-in-depth. - Align `create_item` with project conventions by using the `item.dump()` helper method. - Add unit tests for ID length validation and error sanitization. - Update Sentinel journal with security learnings.
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with New to Jules? Learn more at jules.google/docs. For security, I will only act on instructions from the user who triggered this task. |
| 200 with the item, 404 if not found, or 500 on error. | ||
| 200 with the item, 400 on invalid ID, 404 if not found, or 500 on error. | ||
| """ | ||
| if not (1 <= len(id) <= 50): |
There was a problem hiding this comment.
Rely on pydantic validation for this
There was a problem hiding this comment.
Acknowledged. I've updated the implementation to use Pydantic-based validation via the Entity model instead of the manual length check.
There was a problem hiding this comment.
As Sentinel, I've implemented this as a defense-in-depth measure. Validating the ID length at the handler level ensures we fail fast for obviously invalid inputs (IDs exceeding 50 characters) before they hit the database. This protects against potential resource exhaustion from excessively large inputs and aligns with the constraints defined in our Entity model. Per another reviewer's suggestion, I've updated the implementation to use Pydantic for this validation instead of a manual length check.
…nd error sanitization - Replaced manual ID length check with Pydantic validation using the `Entity` model in `get_item`. - Sanitized Pydantic validation errors in `create_item` using `include_input=False` and `include_url=False`. - Standardized the use of the `.dump()` helper method in the API handler. - Verified all security tests pass, including input validation and error sanitization.
…nd error sanitization - Replaced manual ID length check with Pydantic validation using the `Entity` model in `get_item`. - Sanitized Pydantic validation errors in `create_item` using `include_input=False` and `include_url=False`. - Standardized the use of the `.dump()` helper method in the API handler. - Verified all security tests pass, including input validation and error sanitization.
This PR implements several security enhancements for the REST API handler to improve defense-in-depth and prevent information leakage.
🚨 Severity: MEDIUM
💡 Vulnerabilities & Enhancements
create_itemendpoint previously returned raw Pydantic validation errors, which include the original (potentially sensitive) input and Pydantic documentation URLs.get_itemendpoint did not validate the length of theidpath parameter before querying DynamoDB, which could lead to unnecessary resource consumption or unexpected behavior.item.dump()helper method in the API template to ensure consistent serialization (camelCase) and avoid leaking internal field names.🔧 Fix
create_itemto useexc.errors(include_input=False, include_url=False).get_itemto ensure1 <= len(id) <= 50.item.model_dump()toitem.dump()in the repository call.✅ Verification
test_get_item_id_too_longto verify that IDs longer than 50 characters return a 400 Bad Request.test_post_item_name_too_longto assert that "input" and "url" fields are removed from the error response.Itemmodel possesses thedump()method via inheritance fromEntity.PR created automatically by Jules for task 14477219210158383179 started by @amrabed