#23765: Gateway hooks: enforce JSON content type and strict payload keys
gateway
size: S
trusted-contributor
Cluster:
Gateway and Hooks Enhancements
## Summary
- enforce `Content-Type: application/json` for hooks ingress POST requests
- reject unknown top-level keys for `/hooks/wake` and `/hooks/agent` payloads (fail-closed schema behavior)
- keep existing body size limits in place and covered by tests
## Testing
- pnpm lint
- pnpm vitest run src/gateway/server-http.hooks-request-timeout.test.ts
<!-- greptile_comment -->
<h3>Greptile Summary</h3>
This PR hardens the gateway hooks ingress by adding two validation layers before payload processing:
- **Content-Type enforcement**: Returns HTTP 415 if the `Content-Type` header is not `application/json` (or a `+json` subtype), checked before body parsing to avoid unnecessary work.
- **Strict payload key validation**: Rejects requests to `/hooks/wake` and `/hooks/agent` that contain unrecognized top-level keys, implementing fail-closed schema behavior. Allowed keys are defined as static `Set` constants that match the fields processed by `normalizeWakePayload` and `normalizeAgentPayload`.
The validation correctly applies only to the two built-in hook endpoints and does not affect mapped hooks (which accept arbitrary external payloads). Tests cover all new rejection paths.
<h3>Confidence Score: 5/5</h3>
- This PR is safe to merge — it adds input validation that strictly narrows accepted requests without altering existing valid behavior.
- The changes are straightforward input validation additions. The allowed key sets are verified to match the fields processed by the existing normalize functions. Content-type checking uses correct HTTP semantics (415 status). No existing behavior is altered for valid requests. Tests cover all new rejection paths. No security concerns — the changes actually improve security posture.
- No files require special attention.
<sub>Last reviewed commit: 08ca08a</sub>
<!-- greptile_other_comments_section -->
<!-- /greptile_comment -->
Most Similar PRs
#23447: Gateway: harden hook ingress content-type validation
by bmendonca3 · 2026-02-22
91.4%
#23410: Gateway: require prefixes for hook request session-key overrides
by bmendonca3 · 2026-02-22
76.9%
#23763: Hooks: require session key prefixes for request override
by bmendonca3 · 2026-02-22
75.8%
#8121: fix(gateway): remove query parameter token support for hooks
by yubrew · 2026-02-03
75.7%
#10679: fix(hooks): invoke gateway_start and gateway_stop in lifecycle
by yassinebkr · 2026-02-06
75.3%
#6405: feat(security): Add HTTP API security hooks for plugin scanning
by masterfung · 2026-02-01
75.3%
#23461: Gateway: add hook replay protection with timestamp and nonce
by bmendonca3 · 2026-02-22
74.0%
#23355: Gateway: fail closed on untrusted proxy headers
by bmendonca3 · 2026-02-22
73.3%
#9403: feat(hooks): Support application/x-www-form-urlencoded content-type...
by chipgpt · 2026-02-05
73.0%
#9909: Gateway: add HITL approvals integration
by FletcherFrimpong · 2026-02-05
72.8%