Jason Woltje
01639fff95
feat(#285): Add input sanitization for XSS prevention
Security improvements:
- Create sanitization utility using sanitize-html library
- Add @Sanitize() and @SanitizeObject() decorators for DTOs
- Apply sanitization to vulnerable fields:
  - Connection rejection/disconnection reasons
  - Connection metadata
  - Identity linking metadata
  - Command payloads
- Remove script tags, event handlers, javascript: URLs
- Prevent data exfiltration, CSS-based XSS, SVG-based XSS
Changes:
- Add sanitize.util.ts with recursive sanitization functions
- Add sanitize.decorator.ts for class-transformer integration
- Update connection.dto.ts with sanitization decorators
- Update identity-linking.dto.ts with sanitization decorators
- Update command.dto.ts with sanitization decorators
- Add comprehensive test coverage including attack vectors
Part of M7.1 Remediation Sprint P1 security fixes.
Fixes #285
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-03 21:47:32 -06:00
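As an added illustration of what a recursive DTO sanitizer of the kind this commit describes has to get right, and not code from the commit or the project: the function names sanitizeString, sanitizeObject and sanitizeUrl, the entity-encoding string policy, the FORBIDDEN_KEYS set and the MAX_DEPTH limit are this example's own assumptions. The project routes strings through sanitize-html; that dependency is deliberately not used here so the block runs stand-alone, and the per-string policy is HTML entity encoding instead, which is the appropriate choice for fields that must never carry markup (rejection reasons, metadata values).

```typescript
// Added example, not the project's sanitize.util.ts. Demonstrates the
// recursive walk over a DTO with the checks a reviewer asks for:
// arrays and nested objects, non-string leaves left alone, prototype
// pollution keys dropped, a nesting limit, and a separate URL policy.

type StringPolicy = (input: string) => string;

const ENTITY_MAP: Record<string, string> = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;", "/": "&#x2F;",
};

// Encode every character that changes meaning in an HTML text or attribute
// context. An encoded <script> never parses as a tag; onerror= becomes inert text.
function encodeHtml(input: string): string {
  return input.replace(/[&<>"'\/]/g, (ch) => ENTITY_MAP[ch]);
}

// Keys that would let attacker-controlled JSON reach Object.prototype when the
// sanitized result is later spread, merged or assigned onto another object.
const FORBIDDEN_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Assumed limit: deeply nested payloads would otherwise recurse until the
// stack overflows, a cheap denial of service against a sanitizing endpoint.
const MAX_DEPTH = 32;

function sanitizeValue(value: unknown, policy: StringPolicy, depth: number): unknown {
  if (depth > MAX_DEPTH) {
    throw new RangeError(`object nesting deeper than ${MAX_DEPTH}`);
  }
  if (typeof value === "string") return policy(value);
  if (value === null || typeof value !== "object") return value; // number, boolean, undefined
  if (value instanceof Date) return value;
  if (Array.isArray(value)) return value.map((v) => sanitizeValue(v, policy, depth + 1));

  const out: Record<string, unknown> = {};
  for (const key of Object.keys(value as object)) {
    if (FORBIDDEN_KEYS.has(key)) continue; // drop, do not copy
    out[key] = sanitizeValue((value as Record<string, unknown>)[key], policy, depth + 1);
  }
  return out;
}

// The two entry points a @Sanitize()/@SanitizeObject() decorator would call
// from a class-transformer Transform hook.
function sanitizeString(input: string, policy: StringPolicy = encodeHtml): string {
  return policy(input);
}

function sanitizeObject<T>(obj: T, policy: StringPolicy = encodeHtml): T {
  return sanitizeValue(obj, policy, 0) as T;
}

// A javascript: URL is not an encoding problem: after entity encoding it is
// still the string "javascript:alert(1)" and still fires if a template drops it
// into href. Fields that hold URLs need a scheme allowlist on top of encoding.
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);

function sanitizeUrl(input: string): string | null {
  let url: URL;
  try {
    url = new URL(input.trim());
  } catch {
    return null; // relative or unparsable: reject rather than guess
  }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

// Constructed sample resembling a connection-rejection DTO; the __proto__ key
// is an own property because it comes from JSON.parse, not an object literal.
const sampleDto = JSON.parse(
  '{"reason":"<img src=x onerror=alert(1)>",' +
  '"metadata":{"tags":["<b>bold</b>",1,null],"site":"javascript:alert(1)"},' +
  '"__proto__":{"polluted":true}}',
);

function demo(): Record<string, unknown> {
  const clean = sanitizeObject(sampleDto) as Record<string, unknown>;
  const meta = clean.metadata as Record<string, unknown>;
  meta.site = sanitizeUrl(String(meta.site)); // URL field gets the URL policy
  return clean;
}
```

Input sanitization of this kind is a defence-in-depth layer; the primary XSS control remains contextual output encoding at render time, since a stored value that is safe in an HTML text node is not necessarily safe inside a script block or a URL attribute. Note also that encoding and stripping are not interchangeable: stripping (what sanitize-html with an empty allowlist does) silently alters what the user sent and must be applied before validation, so a length or format check does not pass a value that later shrinks.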