Guardian: strict target validation + body-parse error handling
Red-team battery (2026-04-14) found two guardian bypasses in the submit endpoint:
- target="Cloud-Lab" (capitalization) and target="cloud-lab " (trailing
  space) both returned 200 and routed the job to the LOCAL compute-worker.
  The old normalization:

      const validTarget = target === "cloud-lab" ? "cloud-lab" : "local";

  silently fell through to "local" for any non-exact match, completely
  bypassing the guardian roadmap validator. A hostile session could submit
  cloud-lab-intended work with any capitalization and get it executed on
  the main-server compute-worker with zero validation.
  Fix: reject unknown targets with 400 before routing. Target must be
  exactly "local" or "cloud-lab".
- Malformed JSON bodies (no body, "not-json", missing Content-Type)
  returned 500 because request.json() threw and the error was uncaught.
  UX issue, not security.
  Fix: wrap the parse in try/catch and return 400 with a clear detail.
  Also validates that body is an object (not a primitive) before
  destructuring.
Refs: docs/specs/cloud-lab-guardian-spec.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
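
Added example, not part of the commit or the project's code: the quoted old normalization next to a strict allowlist check with guarded body parsing, run over constructed request bodies. The names `validateSubmit`, `oldNormalize`, `ALLOWED_TARGETS` and the detail strings are hypothetical, and `JSON.parse` on a raw string stands in for `request.json()`.

```javascript
// Added illustration; function names and sample bodies are constructed.
const ALLOWED_TARGETS = new Set(["local", "cloud-lab"]);

// Old normalization as quoted in the commit message: anything that is not
// exactly "cloud-lab" silently becomes "local".
function oldNormalize(target) {
  return target === "cloud-lab" ? "cloud-lab" : "local";
}

// Strict validation: bad bodies and unknown targets are answered with 400
// before any routing decision is made.
function validateSubmit(rawBody) {
  let body;
  try {
    // Stands in for request.json(), which the commit says threw uncaught.
    body = JSON.parse(rawBody);
  } catch (err) {
    return { status: 400, detail: "request body must be valid JSON" };
  }
  // typeof null === "object", so null needs its own check before destructuring.
  if (body === null || typeof body !== "object") {
    return { status: 400, detail: "request body must be a JSON object" };
  }
  const { target } = body;
  // Exact match only: no trimming or lower-casing. Assumption: a missing
  // target is rejected too rather than defaulted to "local".
  if (typeof target !== "string" || !ALLOWED_TARGETS.has(target)) {
    return { status: 400, detail: 'target must be exactly "local" or "cloud-lab"' };
  }
  return { status: 200, target };
}

// The two target values from the red-team finding, through the old code path.
const BYPASS_TARGETS = ["Cloud-Lab", "cloud-lab "];
function oldRoutes() {
  return BYPASS_TARGETS.map((t) => oldNormalize(t));
}

// Constructed request bodies covering both findings, through the strict path.
const SAMPLES = [
  '{"target":"cloud-lab"}', '{"target":"local"}', '{"target":"Cloud-Lab"}',
  '{"target":"cloud-lab "}', '{}', '', 'not-json', '42', 'null',
];
function strictStatuses() {
  return SAMPLES.map((raw) => validateSubmit(raw).status);
}

console.log("old routing of bypass targets:", oldRoutes());
console.log("strict statuses:", strictStatuses());
```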