
security: path traversal guard, null byte rejection, and CORS tightening#209

Merged
SDSLeon merged 2 commits into master from devin/1781907386-security-fixes on Jun 21, 2026

Conversation

@devin-ai-integration (Contributor)

Summary

Three defense-in-depth security hardening fixes:

  1. resolveProjectFsPath path traversal guard — the path field from IPC was joined to the project root via path.join without checking the result stayed inside the root. ../../etc/passwd could escape:

    // before: join(rootPath, "../../etc/passwd") → /etc/passwd
    // after:  throws "Path escapes the project root"

    Now normalizes the joined path and verifies it starts with the project root prefix.

  2. lightcode-local:// null byte rejection + path normalization — the protocol handler now rejects paths containing null bytes (which can confuse C-level file APIs) and resolve()s the path before serving.

  3. CORS restricted to localhost — BrowserMcpIngress and the WSL bridge MCP proxy previously set Access-Control-Allow-Origin: * on OPTIONS responses. Now only reflects the request origin when it's a localhost address (127.0.0.1, localhost, [::1]). Remote web pages can no longer pass CORS preflight against the local MCP endpoint.

Motivation

Audit of the codebase identified these as the highest-impact defense-in-depth improvements. The existing auth (bearer tokens, contextIsolation, sandbox) is the primary security boundary; these fixes add a second layer:

  • Path traversal: if a crafted IPC payload reached revealProjectEntry, it could shell.showItemInFolder any file on disk.
  • Null bytes: a classic low-level bypass for path validation on some platforms.
  • CORS wildcard: while the bearer token guards the endpoint, * allows any web page to pass preflight and issue POST requests (the token still blocks access, but the request still reaches the server).

Testing

  • pnpm run typecheck
  • pnpm run lint
  • pnpm run fmt:check — Not run; formatting unchanged (only logic additions)
  • pnpm run test — bridge tests (14/14 pass), BrowserMcpIngress tests (2/2 pass). localFiles.test.ts requires Electron binary (unavailable in headless CI-less env).

Screenshots

No UI changes.

Linked issue

N/A — proactive security audit

Link to Devin session: https://app.devin.ai/sessions/d7d2434b4b4846c0a7aa3176f8ea71f7
Requested by: @SDSLeon

- resolveProjectFsPath: validate resolved path stays within project root
- lightcode-local:// protocol handler: reject null bytes and normalize paths
- BrowserMcpIngress + WSL bridge MCP proxy: restrict CORS to localhost origins

Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
@devin-ai-integration (Contributor, Author)

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment, CI, and merge conflict monitoring

@devin-ai-integration devin-ai-integration Bot requested a review from SDSLeon as a code owner June 19, 2026 22:22
@vercel

vercel Bot commented Jun 19, 2026


The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Actions | Updated (UTC) |
| --- | --- | --- | --- |
| lightcode-landing | Ready | Preview, Comment | Jun 21, 2026 5:47am |

@SDSLeon SDSLeon merged commit 0d0b3c7 into master Jun 21, 2026
6 checks passed
@SDSLeon SDSLeon deleted the devin/1781907386-security-fixes branch June 21, 2026 05:52