fix(gateway): enforce safe download for active artifact MIME types to mitigate stored XSS (#1389)

* docs: refocus security review on high-confidence artifact XSS * fix(gateway): block inline active-content artifacts to mitigate XSS * chore: remove security review markdown from PR * Delete SECURITY_REVIEW.md * fix(gateway): harden artifact attachment handling
2026-04-22 21:54:45 +08:00 · 2026-03-26 17:44:25 +08:00
parent b9583f7204
commit 0d3cefaa5a
4 changed files with 119 additions and 18 deletions
--- a/README.md
+++ b/README.md
@@ -534,6 +534,7 @@ All dict-returning methods are validated against Gateway Pydantic response model
 We welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for development setup, workflow, and guidelines.

 Regression coverage includes Docker sandbox mode detection and provisioner kubeconfig-path handling tests in `backend/tests/`.
+Gateway artifact serving now forces active web content types (`text/html`, `application/xhtml+xml`, `image/svg+xml`) to download as attachments instead of inline rendering, reducing XSS risk for generated artifacts.

 ## License