fix(share): lock bundle fetches to the configured publisher (#1241)

Keep server-side share publish and fetch traffic on the configured OpenWork publisher so bundle links cannot steer host requests to arbitrary targets. Add a warning-backed client-side fallback for manual imports from untrusted bundle URLs.

Co-authored-by: src-opn <src-opn@users.noreply.github.com>
Source Open
2026-03-30 17:38:31 -07:00
committed by GitHub
parent af4b9e829c
commit a3d6b17a19
13 changed files with 279 additions and 52 deletions

@@ -119,6 +119,7 @@ services:
OPENWORK_HOST_TOKEN: ${OPENWORK_HOST_TOKEN:-}
OPENWORK_DEV_ID: ${OPENWORK_DEV_ID:-default}
OPENWORK_DEV_MODE: ${OPENWORK_DEV_MODE:-1}
OPENWORK_PUBLISHER_BASE_URL: http://${OPENWORK_PUBLIC_HOST:-localhost}:${SHARE_PORT:-3006}
OPENWORK_DEV_OPENCODE_IMPORT_CONFIG_DIR: /persist/.config/opencode
OPENWORK_DEV_OPENCODE_IMPORT_DATA_DIR: /persist/.openwork-host-opencode-data
OPENWORK_SIDECAR_SOURCE: external
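
Review bot: The OPENWORK_PUBLISHER_BASE_URL line falls back to http://localhost:3006 through `${OPENWORK_PUBLIC_HOST:-localhost}`, and inside this service's container localhost is the container's own loopback. If the share service runs in a separate container, the server-side publish and fetch traffic that the commit message pins to this publisher will not reach it unless OPENWORK_PUBLIC_HOST is set to a name resolvable from inside the container. Consider defaulting to the share service's compose name, or documenting that requirement next to the variable. Because this value now decides where host requests are allowed to go, a short comment marking it as the trust anchor, and noting that the plain http scheme is meant for the dev stack only (OPENWORK_DEV_MODE defaults to 1 here), would help anyone who copies this file for another environment.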