iOS Security Stack 3/5: Runtime Security Guards#33031
Conversation
openclaw-barnacle
bot
added
app: ios
Greptile SummaryThis PR introduces three targeted runtime security improvements to the iOS app stack:
All three changes are straightforward security tightening with no apparent regressions. Confidence Score: 4/5
Last reviewed commit: 64ce1a1 |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 64ce1a11d4
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| let task = self.webSocketTask(with: url) | ||
| // Avoid "Message too long" receive errors for large snapshots / history payloads. | ||
| task.maximumMessageSize = 16 * 1024 * 1024 // 16 MB | ||
| task.maximumMessageSize = 4 * 1024 * 1024 // 4 MB |
There was a problem hiding this comment.
Lowering task.maximumMessageSize to 4 MB in the default URLSession websocket path introduces a transport mismatch with current gateway responses: chat.history is still capped at 6 MB (src/gateway/server-constants.ts, used in src/gateway/server-methods/chat.ts). On non-TLS iOS connections that use this codepath, any history payload between 4 MB and 6 MB will now fail with "Message too long" and can drop the channel, which breaks consumers like Talk Mode polling chat.history.
Useful? React with 👍 / 👎.
mbelinky
force-pushed
the
stack/ios-sec-02-concurrency-locks
branch
from
2d676d6 to
4e15a3d
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
64ce1a1 to
0477d46
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0477d466a4
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| return | ||
| } | ||
|
|
||
| self.presentAgentDeepLinkPrompt(prompt) |
There was a problem hiding this comment.
Presenting a prompt in the elapsed >= promptIntervalSeconds path does not clear any previously queued prompt, so an older queued request can still be delivered later by deliverQueuedAgentDeepLinkPrompt(). This can happen when a queued task wakes around the 5s boundary but a new deep link is handled first on the main actor; the user then sees and may approve a stale request after handling the newer one, which reorders confirmations and can submit outdated content.
Useful? React with 👍 / 👎.
mbelinky
force-pushed
the
stack/ios-sec-02-concurrency-locks
branch
from
4e15a3d to
b69e706
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
0477d46 to
7504ea2
Compare
mbelinky
force-pushed
the
stack/ios-sec-02-concurrency-locks
branch
from
b69e706 to
0727b96
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
7504ea2 to
136ec0d
Compare
mbelinky
force-pushed
the
stack/ios-sec-02-concurrency-locks
branch
from
0727b96 to
de6a2c4
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
136ec0d to
53cfcb4
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 53cfcb462b
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
|
|
||
| private func presentAgentDeepLinkPrompt(_ prompt: AgentDeepLinkPrompt) { | ||
| self.lastAgentDeepLinkPromptAt = Date() | ||
| self.pendingAgentDeepLinkPrompt = prompt |
There was a problem hiding this comment.
When a prompt is presented via presentAgentDeepLinkPrompt, any previously queued prompt is left intact, so an older queued deep link can still be delivered later by deliverQueuedAgentDeepLinkPrompt(). This creates an out-of-order confirmation flow (new request first, stale request later) and can cause users to approve outdated content after handling a newer deep link.
Useful? React with 👍 / 👎.
mbelinky
force-pushed
the
stack/ios-sec-02-concurrency-locks
branch
from
de6a2c4 to
d5b5846
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
53cfcb4 to
961dfc0
Compare
mbelinky
force-pushed
the
stack/ios-sec-02-concurrency-locks
branch
from
d5b5846 to
dd85dc7
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
961dfc0 to
84864c4
Compare
mbelinky
changed the base branch from
stack/ios-sec-02-concurrency-locks
to
main
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
84864c4 to
1a70e35
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
1a70e35 to
f6a7145
Compare
mbelinky
force-pushed
the
stack/ios-sec-03-security-guards
branch
from
f6a7145 to
9917165
Compare
Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 9917165 Co-authored-by: mbelinky <[email protected]> Co-authored-by: mbelinky <[email protected]> Reviewed-by: @mbelinky
Part 3/5 of iOS security stack (split from #31979).
Scope
Files
Stack
stack/ios-sec-02-concurrency-locks)stack/ios-sec-04-tts-fallback)