
Fix(chore): security hardening #55

Merged: karim-semmoud merged 13 commits into main from fix/security-hardening on Jun 2, 2026
@karim-semmoud (Member)

Summary

Addresses findings from the Corex security audit across client hooks, Mix generators, the installer, components, MCP configuration, and release hygiene. Each area is a separate commit for review.

This PR is independent of #54 (fix/mcp-security-hardening), which hardens the MCP transport itself (Tidewave alignment, relative paths, prod guard, tool validation). This branch adds configurable MCP error redaction and remote-access warnings on top of the existing plug behavior.

Motivation

A full-library review identified trust-boundary gaps: DOM events treated like server payloads, generator path traversal, EEx re-evaluation on inject, installer string injection, CSS breakout in inline styles, open redirect patterns in links/pagination, and verbose MCP errors leaking stack traces to clients.

Commits

| Commit | Theme |
| --- | --- |
| fix(toast): ignore labelHtml and execJs from untrusted DOM events | Split trusted server vs untrusted DOM toast action parsing |
| fix(mix): contain corex.code output paths within project root | assert_within_project_root!/1 for generated file paths |
| fix(mix): validate generator flags and migration_dir | validate_identifier!/1, validate_migration_dir!/1, schema validation |
| fix(mix): stop EEx re-eval in inject_eex_before_final_end | Plain string splice instead of EEx.eval_string on target files |
| fix(installer): harden --dev path and COREX_NEW_CACHE_DIR copy | Quote/validate dev path; File.cp_r!/2 per entry for cache copy |
| fix(installer): validate web_module like root module | Same validity/availability checks as root module in corex.new |
| fix(color-picker): reject CSS breakout in inline style values | Strict color parse only; no passthrough into --value / presets |
| fix(components): harden file upload cancel, navigate, and pagination URLs | Corex.Url.allowed_href?/1 (via URI.parse/1); safe cancel helper |
| chore: re-enable sobelow checks and add hex.audit to release.check | Drop global RCE.EEx / Traversal.FileModule ignores; scoped file ignores |
| dev(mix): add sponsor link | Unrelated housekeeping (consider dropping from this PR if you want a pure security diff) |
| fix(mcp): redact tool errors by default and warn on remote access | mcp_verbose_errors, gated debug logging, init warning for remote access |

Changes by area

Toast (F1)

Mix generators and corex.code (F3, F4, F7)

Installer (F2, F5, F6, F16)

Color picker (F8)

Components (F12, F13)

MCP (F9, F10, F11)

Hygiene (F15)

  • .sobelow-conf: re-enable Traversal.FileModule and RCE.EEx globally; ignore_files only for generator/doc tooling paths
  • mix.exs: release.check runs hex.audit before lint

Relationship to PR #54

| Concern | This PR | PR #54 |
| --- | --- | --- |
| MCP transport / Tidewave alignment | No | Yes |
| Relative source_path, prod guard, tool arg validation | No | Yes |
| CSP rewrite removal on non-MCP routes | No | Yes |
| Tool error redaction (mcp_verbose_errors) | Yes | No (deferred there) |
| Remote access init warning | Yes | No |

Recommended merge order: land #54 first, then rebase this branch and resolve any overlap in lib/mcp/plug.ex, lib/mcp/server.ex, and guides/MCP.md.

Test plan

  • mix test
  • mix lint
  • mix release.check (includes hex.audit)
  • cd e2e && mix test (POST/PUT controller and form tests; MCP e2e)
  • cd integration_test && mix test --include database
  • npm test in assets/ (toast hook tests)
  • Manual: toast DOM events cannot inject HTML/JS actions; navigate rejects javascript: URLs
  • Manual: MCP tool failure returns generic message unless mcp_verbose_errors: true

Breaking changes

None for normal app usage. Generator operators passing invalid --migration-dir or schema names now get explicit errors instead of silent bad output.

@karim-semmoud karim-semmoud self-assigned this Jun 2, 2026
@karim-semmoud karim-semmoud merged commit 59b0eb2 into main Jun 2, 2026
14 checks passed
@karim-semmoud karim-semmoud deleted the fix/security-hardening branch June 2, 2026 10:15
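
The components commit above is summarised as `Corex.Url.allowed_href?/1` (via `URI.parse/1`), and the test plan checks that navigate rejects `javascript:` URLs. The following is an added example of how such an allow-list check can be written; it is not code from this PR or from Corex. The module name `HrefPolicyExample`, the `allowed_hosts` parameter, and the policy itself (relative references, plus http/https to explicitly listed hosts) are assumptions.

```elixir
defmodule HrefPolicyExample do
  @moduledoc "Illustrative allow-list check; hypothetical, not Corex.Url itself."

  # Assumed policy: relative references always pass; absolute links pass
  # only for http/https and only to hosts the caller lists explicitly.
  def allowed?(href, allowed_hosts \\ [])

  def allowed?(href, allowed_hosts) when is_binary(href) do
    if smuggling_bytes?(href) do
      false
    else
      href |> URI.parse() |> allowed_uri?(allowed_hosts)
    end
  end

  def allowed?(_href, _allowed_hosts), do: false

  # Browsers drop or normalise control bytes, spaces and backslashes before
  # resolving a URL, so the parsed view and the browser's view can differ.
  defp smuggling_bytes?(href) do
    href
    |> :binary.bin_to_list()
    |> Enum.any?(&(&1 <= 0x20 or &1 == 0x7F or &1 == ?\\))
  end

  # No scheme and no host: a same-origin relative reference.
  defp allowed_uri?(%URI{scheme: nil, host: nil}, _hosts), do: true

  # "//host/path" has a host but no scheme: protocol-relative, so reject.
  defp allowed_uri?(%URI{scheme: nil}, _hosts), do: false

  # Absolute URL: scheme must be http(s) and the host must be listed.
  defp allowed_uri?(%URI{scheme: scheme, host: host}, hosts) do
    String.downcase(scheme) in ["http", "https"] and host in hosts
  end
end

# Constructed sample inputs, checked against one trusted host.
for href <- ["/posts?page=2", "https://docs.example.com/a", "//evil.example/x",
             "javascript:alert(1)", "https://evil.example/", "/\\evil.example"] do
  IO.puts("#{inspect(href)} -> #{HrefPolicyExample.allowed?(href, ["docs.example.com"])}")
end
```

Checking the parsed scheme and host, rather than matching on string prefixes, is what lets the same function cover both the `javascript:` case and the protocol-relative redirect case.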