You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Create a safe boundary for Meedan remote downloads and Airtable uploads, and add abuse controls to state-changing inbound endpoints. Downloads must not reach internal networks, uploaded content must match its claimed type, and repeated or replayed requests must be bounded and idempotent.
Acceptance criteria
Meedan remote URLs require HTTPS and a configured hostname allowlist.
DNS results and every redirect destination reject private, loopback, link-local, and cloud-metadata addresses.
Remote downloads have bounded redirect, connection, response, byte, and concurrency limits.
Uploads require consistent extension, MIME metadata, and file-signature validation.
SVG is removed or sanitized and served from an isolated origin with safe headers.
Upload size, rate, concurrency, storage, and cost quotas are documented and enforced.
Meedan secret comparison is constant-time and state-changing requests have replay/idempotency protection.
Parent
#572
What to build
Create a safe boundary for Meedan remote downloads and Airtable uploads, and add abuse controls to state-changing inbound endpoints. Downloads must not reach internal networks, uploaded content must match its claimed type, and repeated or replayed requests must be bounded and idempotent.
Acceptance criteria
Blocked by
None - can start immediately.