feat(kiloclaw): forward proxy token and enable enforcement default#599
feat(kiloclaw): forward proxy token and enable enforcement default#599pandemicsyn merged 2 commits intomainfrom
Conversation
Derive and inject per-sandbox proxy tokens on all worker-to-Fly proxy requests so gateway auth can be safely enforced. Turn on REQUIRE_PROXY_TOKEN by default so new and restarted instances adopt enforcement immediately.
| const gatewayToken = await deriveGatewayToken(sandboxId, gatewayTokenSecret); | ||
| forwardHeaders.set('x-kiloclaw-proxy-token', gatewayToken); | ||
| forwardHeaders.set('fly-force-instance-id', machineId); | ||
| forwardHeaders.delete('host'); |
There was a problem hiding this comment.
WARNING: Incomplete hop-by-hop header stripping when forwarding request headers
Only host is removed, but connection and headers listed by connection (for example upgrade, te, proxy-connection, keep-alive, transfer-encoding) should also be stripped before proxying. Forwarding hop-by-hop headers can cause protocol inconsistencies and request smuggling-style edge cases across intermediaries.
There was a problem hiding this comment.
This is kinda true kinda not, for WS Connection/Upgrade are part of the handshake which is why haven't done strict hop-by-hop stripping.
Code Review SummaryStatus: 3 Issues Found | Recommendation: Address before merge Fix these issues in Kilo Cloud Overview
Issue Details (click to expand)WARNING
Other Observations (not in diff)Issues found in unchanged code that cannot receive inline comments:
Files Reviewed (6 files)
|
Return a generic response for and to avoid exposing runtime metadata in unauthenticated probes while preserving Fly health-check compatibility.
| ); | ||
| }; | ||
| export function registerHealthRoute(app: Hono, _supervisor: Supervisor): void { | ||
| const handler = (c: Context) => c.json({ status: 'ok' }); |
There was a problem hiding this comment.
WARNING: Health endpoint now always reports healthy, masking startup/crash states
This route used to return 503 when the gateway was not running. Returning 200/{ status: 'ok' } unconditionally can make readiness checks and external monitors treat unhealthy instances as healthy, which risks routing traffic to instances that are still starting or have crashed.
Summary
x-kiloclaw-proxy-tokenon all worker proxy requests using the sandbox-scoped gateway tokenfly-force-instance-id) and add unit coverage for header constructionREQUIRE_PROXY_TOKENtotruein worker vars so new/restarted instances enforce proxy-token auth by default/_kilo/healthand/healthnow return only{\"status\":\"ok\"}