security: fix CORS misconfiguration and unclosed file handle #3
Draft
ghost wants to merge 1 commit into
- Add configurable cors_allow_origins setting to ServerSettings
- Disable allow_credentials when any wildcard origin is present (uses "in" check instead of equality to catch mixed lists like ["*", "https://example.com"])
- Fix unclosed file handle in model.py with proper context manager
Author
I have reviewed the changes and left a comment regarding file encoding for the tokenizer config.
ghost
commented
Apr 26, 2026
| chat_handler = llama_cpp.llama_chat_format.hf_tokenizer_config_to_chat_completion_handler( | ||
| json.load(open(settings.hf_tokenizer_config_path)) | ||
| ) | ||
| with open(settings.hf_tokenizer_config_path) as f: |
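Review bot: on the added `with open(settings.hf_tokenizer_config_path) as f:` line, keep the `with` body to the `json.load(f)` call alone and pass the parsed dict to `hf_tokenizer_config_to_chat_completion_handler(...)` after the block, so the handle is closed before the handler is built and an error in handler construction is not confused with a file error. A missing or malformed file at this path still raises straight out of startup; an error message that names `hf_tokenizer_config_path` would make that easier to diagnose.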
Author
When opening JSON files, it's highly recommended to explicitly specify encoding="utf-8". Without it, open() uses the platform's default encoding (e.g., cp1252 on Windows), which will cause UnicodeDecodeError or corrupted data when reading tokenizer configurations that contain special or non-ASCII characters.
with open(settings.hf_tokenizer_config_path, encoding="utf-8") as f:
Summary
Addresses the review feedback from PR #2 and implements the security fixes with the corrected wildcard origin check.
Changes
1. CORS Misconfiguration Fix (HIGH)
The server was configured with allow_origins=["*"] combined with allow_credentials=True, which is a security anti-pattern per the CORS spec.
What changed:
- cors_allow_origins setting to ServerSettings (defaults to ["*"])
- allow_credentials is now set to "*" not in server_settings.cors_allow_origins
Key improvement over PR #2: The previous PR used server_settings.cors_allow_origins != ["*"] which only caught the exact single-wildcard list. This fix uses "*" not in server_settings.cors_allow_origins to correctly detect wildcards even in mixed lists like ["*", "https://example.com"].
2. Unclosed File Handle Fix (LOW)
In model.py, json.load(open(...)) was used without a context manager, creating a potential resource leak.
Fix: Wrapped in a proper with statement.
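The difference between the two wildcard checks quoted in the description, as an added example that is not part of the pull request or the project's code. The function names and the sample origin lists are constructed for illustration.

```python
from typing import Dict, List


def credentials_pr2(origins: List[str]) -> bool:
    """Check quoted from PR #2: only the exact list ["*"] turns credentials off."""
    return origins != ["*"]


def credentials_fixed(origins: List[str]) -> bool:
    """Check from this PR: any "*" entry turns credentials off."""
    return "*" not in origins


def is_unsafe(origins: List[str], allow_credentials: bool) -> bool:
    """The anti-pattern named in the PR: a wildcard origin together with credentials."""
    return allow_credentials and "*" in origins


def audit(configs: List[List[str]]) -> Dict[str, List[List[str]]]:
    """Return, per check, the origin lists that check leaves in the unsafe state."""
    report: Dict[str, List[List[str]]] = {"pr2": [], "fixed": []}
    for origins in configs:
        if is_unsafe(origins, credentials_pr2(origins)):
            report["pr2"].append(origins)
        if is_unsafe(origins, credentials_fixed(origins)):
            report["fixed"].append(origins)
    return report


# Constructed sample values for cors_allow_origins (not taken from the project).
SAMPLES: List[List[str]] = [
    ["*"],                           # the default named in the PR
    ["https://example.com"],         # explicit origin, credentials may stay on
    ["*", "https://example.com"],    # mixed list from the PR description
    ["https://example.com", "*"],    # same entries, wildcard last
    ["*", "*"],                      # duplicated wildcard
    [],                              # no origins configured
]

if __name__ == "__main__":
    for name, unsafe in audit(SAMPLES).items():
        print(f"{name}: leaves unsafe -> {unsafe}")
```

The same `is_unsafe` predicate can serve as a startup assertion on the final middleware arguments, independent of how `allow_credentials` was derived.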