AntFleet

Anatomy · 52c62f95-0

Comment in middleware.ts misstates CSP policy ('No unsafe-inline') while code includes it

medium · docs-gap · closed in 2f2b470
repo e24ef98c · PR #5 · reviewed 2 weeks ago · closed 2 weeks ago

The vulnerable code

apps/web/middleware.ts:24-26

24 // Tight CSP. self for everything; data: for the inline favicon SVG. No
25 // unsafe-inline, no unsafe-eval — Next.js 16 + Tailwind v4 + next/font
26 // emit static styles that don't need either.

The reasoning

Opus

CSP comment claims 'no unsafe-inline' but style-src includes 'unsafe-inline'

low · docs-gap · high
  • apps/web/middleware.ts:25-36
The block comment immediately above the CSP declares 'No unsafe-inline, no unsafe-eval — Next.js 16 + Tailwind v4 + next/font emit static styles that don't need either.' But the very next line sets style-src to 'self' 'unsafe-inline'. This is a deceptive comment that misrepresents the actual policy. A future reader (or a security reviewer relying on the comment) could be misled into believing inline styles are fully blocked when they are not. The trailing inline comment 'Tailwind utility classes are inline-equivalent in dev' further contradicts the leading comment and is itself wrong: Tailwind utility classes are class-based, not inline; what actually requires 'unsafe-inline' is Next.js's runtime-injected <style> tags or third-party inline styles, not Tailwind utilities.

Recommendation

Either (a) remove 'unsafe-inline' from style-src and fix any breakage with a nonce/hash strategy, or (b) update the block comment to accurately state that style-src retains 'unsafe-inline' and explain why. Also correct the misleading inline comment about Tailwind.

GPT-5

CSP allows 'unsafe-inline' in style-src, weakening policy and contradicting comment

medium · security · high
  • apps/web/middleware.ts:24-26
  • apps/web/middleware.ts:30
'unsafe-inline' in style-src permits inline styles, reducing CSP strictness and enabling CSS injection vectors. The surrounding comment explicitly claims no 'unsafe-inline', so the code both weakens security and misleads maintainers.

Recommendation

Remove 'unsafe-inline' from style-src for production builds. If inline styles are required during development, gate it by NODE_ENV (include only in development). If specific inline styles are needed in production, use nonces or hashes instead of 'unsafe-inline'.
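Both recommendations above ask for the same two things: keep 'unsafe-inline' out of style-src in production, and cover the inline styles that genuinely need it with a nonce or a hash. The block below is an added example of that policy builder, not code from the reviewed repo or from AntFleet. It assumes the function names, the NODE_ENV gate, and the directive set beyond style-src (default-src, script-src, img-src, object-src, base-uri); script-src stays 'self' only and img-src keeps data: for the favicon, matching the comment in the fix. It uses only Node's crypto module, so it runs without Next.js installed.

```typescript
// Added example, not the reviewed repo's middleware: builds the CSP header
// value so that style-src carries 'unsafe-inline' only in development and
// uses a per-request nonce plus SHA-256 hashes in production. Directive set
// outside style-src is an assumption for illustration.
import { createHash, randomBytes } from "node:crypto";

export type CspEnv = "development" | "production";

// 128-bit random nonce, base64-encoded (the form CSP expects in 'nonce-…').
export function makeNonce(): string {
  return randomBytes(16).toString("base64");
}

// 'sha256-…' source expression for an inline <style> whose text is known at
// build time. Browsers hash the exact element text, so pass the bytes served.
export function styleHash(inlineCss: string): string {
  const digest = createHash("sha256").update(inlineCss, "utf8").digest("base64");
  return `'sha256-${digest}'`;
}

export function buildCsp(env: CspEnv, nonce: string, styleHashes: string[] = []): string {
  const styleSrc = ["'self'"];
  if (env === "development") {
    // Dev-only concession for hot-reload-injected <style> tags; never reaches production.
    styleSrc.push("'unsafe-inline'");
  } else {
    styleSrc.push(`'nonce-${nonce}'`, ...styleHashes);
  }
  const directives: Array<[string, string[]]> = [
    ["default-src", ["'self'"]],
    ["script-src", ["'self'"]],         // as in the fix: no unsafe-inline, no unsafe-eval
    ["style-src", styleSrc],
    ["img-src", ["'self'", "data:"]],   // data: for the inline favicon SVG, per the comment
    ["object-src", ["'none'"]],
    ["base-uri", ["'self'"]],
  ];
  return directives.map(([name, values]) => `${name} ${values.join(" ")}`).join("; ");
}

// Regression check suitable for CI: the production policy must never carry either keyword.
export function hasUnsafeKeywords(csp: string): boolean {
  return /'unsafe-(inline|eval)'/.test(csp);
}

// Reads NODE_ENV the way the middleware would. Anything other than "development"
// is treated as production, so an unset variable fails closed.
export function cspForCurrentEnv(nonce: string, styleHashes: string[] = []): string {
  const env: CspEnv = process.env.NODE_ENV === "development" ? "development" : "production";
  return buildCsp(env, nonce, styleHashes);
}
```

In a real middleware the nonce is generated once per request, the returned string is set as the Content-Security-Policy header on the response, and the same nonce is passed down so that any inline style or script element carries it. Hashes only work for inline styles whose text is stable across builds; stylesheets loaded through a <link> tag need neither a nonce nor a hash, which is why the block comment's claim about Tailwind and next/font is correct for the external stylesheet and wrong only about inline styles.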

The agreement

Both frontier models flagged this within the same line range. AntFleet's unanimous gate fired — the finding posted on the PR. Closed in 2f2b470.

The fix

24 // Tight CSP. self for everything; data: for the inline favicon SVG.
25 // script-src: 'self' only — no unsafe-inline, no unsafe-eval.
26 // style-src: 'self' + 'unsafe-inline'. Required because Tailwind v4 +

Closure

Closed 2 weeks ago

SHA: 2f2b470bd015d5c3d34df78ca94558aecf99afe3

View closure receipt on GitHub →

Tweet thread template

tweet 1 of 8 · 176 / 280

Two frontier models reviewed PR #5 on e24ef98c. Both found this bug: medium docs-gap: Comment in middleware.ts misstates CSP policy ('No unsafe-inline') while code includes it

tweet 2 of 8 · 114 / 280

The vulnerable code (apps/web/middleware.ts:24-26): (full snippet at https://www.antfleet.dev/anatomy/52c62f95-0)

tweet 3 of 8 · 280 / 280

What Opus saw: "The block comment immediately above the CSP declares 'No unsafe-inline, no unsafe-eval — Next.js 16 + Tailwind v4 + next/font emit static styles that don't need either.' But the very next line sets style-src to 'self' 'unsafe-inline'. This is a deceptive comment…

tweet 4 of 8 · 252 / 280

What GPT-5 saw: "'unsafe-inline' in style-src permits inline styles, reducing CSP strictness and enabling CSS injection vectors. The surrounding comment explicitly claims no 'unsafe-inline', so the code both weakens security and misleads maintainers."

tweet 5 of 8 · 97 / 280

Both flagged the same line range. AntFleet's unanimous gate fired — the finding posted on the PR.

tweet 6 of 8 · 93 / 280

The fix landed in commit 2f2b470: (view diff at https://www.antfleet.dev/anatomy/52c62f95-0)

tweet 7 of 8 · 81 / 280

AntFleet reviews every PR with two frontier models. Only unanimous findings post.

tweet 8 of 8 · 77 / 280

Full anatomy + reasoning + diffs: https://www.antfleet.dev/anatomy/52c62f95-0

Paste into X composer one tweet at a time. X has no multi-tweet intent API.