RomanNum3ral
/
gstack
mirror of https://github.com/garrytan/gstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
gstack/browse
History
Garry Tan 360bb2e192
fix: cookie picker auth token leak (CVE — CVSS 7.8) 
GET /cookie-picker served HTML that inlined the master bearer token
without authentication. Any local process could extract it and use it
to call /command, executing arbitrary JS in the browser context.

Fix: Jupyter-style one-time code exchange. The picker URL now includes
a one-time code that is consumed via 302 redirect, setting an HttpOnly
session cookie. The master AUTH_TOKEN never appears in HTML. The session
cookie is isolated from the scoped token system (not valid for /command).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 		2026-04-07 18:49:45 -10:00
..
bin feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226) 2026-03-19 18:20:50 -07:00
scripts fix: Windows support — Node.js server fallback for Playwright (#255) 2026-03-20 12:22:11 -07:00
src fix: cookie picker auth token leak (CVE — CVSS 7.8) 2026-04-07 18:49:45 -10:00
test fix: cookie picker auth token leak (CVE — CVSS 7.8) 2026-04-07 18:49:45 -10:00
PLAN-snapshot-dropdown-interactive.md fix: snapshot -i auto-detects dropdown/popover interactive elements (#845) 2026-04-05 22:57:45 -07:00
SKILL.md feat: content security — 4-layer prompt injection defense for pair-agent (#815) 2026-04-06 14:41:06 -07:00
SKILL.md.tmpl feat: sidebar CSS inspector + per-tab agents (v0.13.9.0) (#650) 2026-03-30 12:51:05 -06:00