dohertj2/wwtools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mbproxy: remediate the 2026-05-16 code-review findings

Browse Source 
Fixes every finding from the codereviews/2026-05-16 multi-agent review
(2 Critical, 20 Major, 38 Minor) and adds that review to the repo.

Highlights: dashboard XSS escape; response cache invalidated on the
write request (not just the response); ReloadValidator now runs at
startup so port collisions / duplicate names / malformed Resilience
profiles fail fast; AdminPort 0 genuinely disables the admin endpoint;
PlcListener accept-loop faults propagate to the supervisor's faulted
path; reconciler Restart builds before removing; Resilience pipelines
are restart-only from a frozen snapshot; multiplexer connect-race leak,
watchdog party-list snapshot, backend-response and FC16 framing
validation; frontend reconnect retry and util.js load guard; plus the
log-event/doc drift sweep and test-port hygiene.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Joseph Doherty
2026-05-16 18:08:06 -04:00
parent 0308490aef
commit b222362ce0
45 changed files with 1735 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mbproxy/src/Mbproxy/Admin/StatusSnapshotBuilder.cs
+10 -2
View File
@@ -40,8 +40,16 @@ internal sealed class StatusSnapshotBuilder
/// for every configured BCD tag. Returns an empty, disarmed snapshot when
/// <paramref name="plcName"/> is unknown (e.g. a detail page open for a PLC removed
/// by hot-reload).
///
/// <para><paramref name="armedOverride"/> lets the caller supply the armed flag rather
/// than have this method independently re-read <c>capture.IsArmed</c>. The broadcaster
/// passes <c>true</c> because it only builds a debug snapshot for PLCs it just
/// reconciled armed in the same push cycle — so the pushed payload's <c>CaptureArmed</c>
/// flag is consistent with that decision by construction, instead of racing a
/// disarm between the reconcile and this read (review AdminSignalR M1). When omitted,
/// the live <c>capture.IsArmed</c> is used.</para>
/// </summary>
public PlcDebugSnapshot BuildDebug(string plcName)
public PlcDebugSnapshot BuildDebug(string plcName, bool? armedOverride = null)
{
if (!_captureRegistry.TryGet(plcName, out var capture))
return new PlcDebugSnapshot(CaptureArmed: false, Tags: Array.Empty<TagValueDto>());
@@ -51,7 +59,7 @@ internal sealed class StatusSnapshotBuilder
.Select(o => ToTagDto(o, now))
.ToList();
return new PlcDebugSnapshot(capture.IsArmed, tags);
return new PlcDebugSnapshot(armedOverride ?? capture.IsArmed, tags);
}
private static TagValueDto ToTagDto(TagValueObservation o, DateTimeOffset now)