docs/COMPANION-APP-PHASE-2-LOOPBACK-SECURITY.md · aaronrene/knowtation

COMPANION-APP-PHASE-2-LOOPBACK-SECURITY.md markdown

sha256:0d530f9ef27b8b75547d1db7701a74bc77b77aa8f3d7fa3a8672cf2af36e63bb reconcile: import GitHub-direct RBAC/OAuth/companion and ho… Human minor ⚠ breaking 3 days ago

Empty file

File History 1 commit

sha256:0d530f9ef27b8b75547d1db7701a74bc77b77aa8f3d7fa3a8672cf2af36e63bb reconcile: import GitHub-direct RBAC/OAuth/companion and ho… Human minor ⚠ 3 days ago

patch COMPANION-APP-PHASE-2-LOOPBACK-SECURITY.md 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.1. Adversarial threat model 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.1. Adversarial threat model.Attacker A — malicious web page in the user's browser (cross-origin) 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.1. Adversarial threat model.Attacker B — DNS-rebinding (make a remote origin appear to target loopback) 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.1. Adversarial threat model.Attacker C — a local non-browser process 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.1. Adversarial threat model.Attacker D — prompt-injection payload inside a note body 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.2. Guard contract — lib/companion-loopback-guard.mjs 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.2. Guard contract — lib/companion-loopback-guard.mjs.2.1 verifyLoopbackRequest(params) → LoopbackVerdict 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.2. Guard contract — lib/companion-loopback-guard.mjs.2.1 verifyLoopbackRequest(params) → LoopbackVerdict.code[js] 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.2. Guard contract — lib/companion-loopback-guard.mjs.2.1 verifyLoopbackRequest(params) → LoopbackVerdict.table@L152 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.2. Guard contract — lib/companion-loopback-guard.mjs.2.1 verifyLoopbackRequest(params) → LoopbackVerdict.table@L165 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.2. Guard contract — lib/companion-loopback-guard.mjs.2.2 Rate-limit helpers 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.2. Guard contract — lib/companion-loopback-guard.mjs.2.3 Why the Origin allowlist is the loopback origin only 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.3. Evaluation order (and why) 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.3. Evaluation order (and why).code 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.4. The rate-limit recording contract 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.4. The rate-limit recording contract.code[js] 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.5. Mapping: gate §4 controls → Phase 2 enforcement 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.5. Mapping: gate §4 controls → Phase 2 enforcement.table 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.6. What Phase 5 must do to bind the socket safely 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.7. Test obligations satisfied (gate §10, 7 tiers) 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.7. Test obligations satisfied (gate §10, 7 tiers).table 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.8. Deferred (explicitly not Phase 2) 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.Simple summary 3 days ago

insert Companion App — Phase 2: Loopback Endpoint Security Core.Technical summary 3 days ago

Pathdocs/COMPANION-APP-PHASE-2-LOOPBACK-SECURITY.md

LangMarkdown

Reffeat/companion-app

Object ID

sha256:51f8ac30b115ff214f7800ae78cfb8c5660ecc95e432d71a0079dcd5b703c95a…

Last commit

sha256:0d530f9ef27b8b75547d1db7701a74bc77b77aa8f3d7fa3a8672cf2af36e63bb

reconcile: import GitHub-direct RBAC/OAuth/compan…

3 days ago

Quick links

Blame History