From de85300e4b605f97e70815d7f552681fb8e60616 Mon Sep 17 00:00:00 2001
From: g0w6y <g0w6y@users.noreply.github.com>
Date: Tue, 26 May 2026 11:37:20 +0530
Subject: [PATCH 1/2] fix(dev): restrict default CORS origins and WebSocket
 allowed origins to localhost

The dev server defaulted to a wildcard CORS policy (Access-Control-Allow-Origin: *)
and registered the /run_live WebSocket endpoint with setAllowedOrigins("*"). Any page
loaded from an arbitrary origin could therefore read HTTP responses and complete a
cross-origin WebSocket handshake against a locally running dev server, giving a remote
site read and drive access to the agent.

- AdkWebCorsProperties: change the default allowed-origins fallback from ["*"] to
  ["http://localhost:8080", "http://127.0.0.1:8080"] so the dev UI keeps working out
  of the box while all other origins are rejected by the browser.
- WebSocketConfig: inject AdkWebCorsProperties and derive the WebSocket allowed-origins
  list from the same property, eliminating the separate hardcoded wildcard and keeping
  both policies in sync. Users who need a broader allowlist can set
  adk.web.cors.origins explicitly.
---
 .../google/adk/web/config/AdkWebCorsProperties.java    |  5 ++++-
 .../com/google/adk/web/websocket/WebSocketConfig.java  | 10 ++++++++--
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java b/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java
index c96dce91e..7de0f77a2 100644
--- a/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java
+++ b/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java
@@ -34,7 +34,10 @@ public record AdkWebCorsProperties(
 
   public AdkWebCorsProperties {
     mapping = mapping != null ? mapping : "/**";
-    origins = origins != null && !origins.isEmpty() ? origins : List.of("*");
+    origins =
+        origins != null && !origins.isEmpty()
+            ? origins
+            : List.of("http://localhost:8080", "http://127.0.0.1:8080");
     methods =
         methods != null && !methods.isEmpty()
             ? methods
diff --git a/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java b/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java
index d3c09cf8b..a17d72aff 100644
--- a/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java
+++ b/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java
@@ -16,6 +16,7 @@
 
 package com.google.adk.web.websocket;
 
+import com.google.adk.web.config.AdkWebCorsProperties;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.socket.config.annotation.EnableWebSocket;
@@ -28,14 +29,19 @@
 public class WebSocketConfig implements WebSocketConfigurer {
 
   private final LiveWebSocketHandler liveWebSocketHandler;
+  private final AdkWebCorsProperties corsProperties;
 
   @Autowired
-  public WebSocketConfig(LiveWebSocketHandler liveWebSocketHandler) {
+  public WebSocketConfig(
+      LiveWebSocketHandler liveWebSocketHandler, AdkWebCorsProperties corsProperties) {
     this.liveWebSocketHandler = liveWebSocketHandler;
+    this.corsProperties = corsProperties;
   }
 
   @Override
   public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
-    registry.addHandler(liveWebSocketHandler, "/run_live").setAllowedOrigins("*");
+    registry
+        .addHandler(liveWebSocketHandler, "/run_live")
+        .setAllowedOrigins(corsProperties.origins().toArray(new String[0]));
   }
 }

From cb733173574cec5f54c23858ce0ecdbf9c74f2f0 Mon Sep 17 00:00:00 2001
From: g0w6y <g0w6y@users.noreply.github.com>
Date: Mon, 29 Jun 2026 22:04:48 +0530
Subject: [PATCH 2/2] fix(dev): use localhost port wildcard for default
 CORS/WebSocket origins

Replace the hardcoded :8080 default origins with the localhost
port-wildcard pattern (http://localhost:[*], http://127.0.0.1:[*]) so the
allowlist no longer assumes the server runs on 8080 (it may run on any
port, e.g. ng serve on 4200 or a user-set server.port).

Switch both origin sinks from setAllowedOrigins to setAllowedOriginPatterns
(AdkWebCorsConfig HTTP CORS and WebSocketConfig /run_live), since the [*]
port pattern is only honored by the *Patterns API; with setAllowedOrigins
it would be treated as a literal and match nothing.

Security posture is unchanged: any localhost port is allowed, while remote
origins, suffix tricks (evil.localhost.com) and non-http schemes remain
blocked.
---
 .../main/java/com/google/adk/web/config/AdkWebCorsConfig.java   | 2 +-
 .../java/com/google/adk/web/config/AdkWebCorsProperties.java    | 2 +-
 .../main/java/com/google/adk/web/websocket/WebSocketConfig.java | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dev/src/main/java/com/google/adk/web/config/AdkWebCorsConfig.java b/dev/src/main/java/com/google/adk/web/config/AdkWebCorsConfig.java
index 2c8063f56..328f87c32 100644
--- a/dev/src/main/java/com/google/adk/web/config/AdkWebCorsConfig.java
+++ b/dev/src/main/java/com/google/adk/web/config/AdkWebCorsConfig.java
@@ -46,7 +46,7 @@ public class AdkWebCorsConfig {
   public CorsConfigurationSource corsConfigurationSource(AdkWebCorsProperties corsProperties) {
     CorsConfiguration configuration = new CorsConfiguration();
 
-    configuration.setAllowedOrigins(corsProperties.origins());
+    configuration.setAllowedOriginPatterns(corsProperties.origins());
     configuration.setAllowedMethods(corsProperties.methods());
     configuration.setAllowedHeaders(corsProperties.headers());
     configuration.setAllowCredentials(corsProperties.allowCredentials());
diff --git a/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java b/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java
index 7de0f77a2..b5ea6e51d 100644
--- a/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java
+++ b/dev/src/main/java/com/google/adk/web/config/AdkWebCorsProperties.java
@@ -37,7 +37,7 @@ public record AdkWebCorsProperties(
     origins =
         origins != null && !origins.isEmpty()
             ? origins
-            : List.of("http://localhost:8080", "http://127.0.0.1:8080");
+            : List.of("http://localhost:[*]", "http://127.0.0.1:[*]");
     methods =
         methods != null && !methods.isEmpty()
             ? methods
diff --git a/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java b/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java
index a17d72aff..ed64bc71d 100644
--- a/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java
+++ b/dev/src/main/java/com/google/adk/web/websocket/WebSocketConfig.java
@@ -42,6 +42,6 @@ public WebSocketConfig(
   public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
     registry
         .addHandler(liveWebSocketHandler, "/run_live")
-        .setAllowedOrigins(corsProperties.origins().toArray(new String[0]));
+        .setAllowedOriginPatterns(corsProperties.origins().toArray(new String[0]));
   }
 }