Allow private HTTP core URLs

[vaddisrinivas]

Summary

• Allow desktop cloud mode to connect to private HTTP core URLs on localhost, RFC1918 LAN hosts, and tailnet/CGNAT ranges such as Tailscale 100.x.x.x.
• Keep public http:// core URLs rejected; publicly reachable cores must still use HTTPS.
• Widen the Tauri CSP so validated HTTP/WS private core URLs can actually fetch/connect.
• Document the tailnet-only VM pattern for hosted cores with no public IP.
• Replace unstable Rust char-boundary helpers with stable local helpers so rust:check works on the pinned stable toolchain.

Problem

• A tailnet-only core at http://100.116.244.64:7788 failed from the desktop app with Failed to fetch.
• The UI validation and CSP were not aligned: private HTTP cores should be usable, but public HTTP cores should stay blocked.
• Local pre-push was also blocked by native CEF/whisper build prerequisites and then by unstable standard-library floor_char_boundary / ceil_char_boundary calls.

Solution

• Add private/local host detection for cloud core URLs and use it to allow only safe HTTP targets.
• Keep the public-host guard explicit so http://example.com remains rejected in cloud mode.
• Permit http: and ws: in Tauri connect-src, with app-side validation as the guardrail.
• Add tests for Tailscale/private HTTP allow paths and public HTTP rejection paths.
• Add stable UTF-8 boundary helper functions and use them where output truncation needs char-safe byte indexes.

Submission Checklist

• Tests added or updated (happy path + at least one failure / edge case) per Testing Strategy: private/Tailscale HTTP happy paths and public HTTP rejection paths covered in Vitest; Rust char-boundary helper covered by unit test.
• Diff coverage >= 80%: local focused tests cover changed lines. Full pnpm --filter openhuman-app test:coverage was attempted but hit an unrelated, isolated-passing CoreStateProvider cache test; CI diff-cover remains source of truth.
• Coverage matrix updated: N/A — no feature row was added, removed, or renamed.
• All affected feature IDs from the matrix are listed in the PR description under ## Related: N/A — no existing matrix feature ID maps to cloud-core URL transport validation.
• No new external network dependencies introduced (mock backend used per Testing Strategy).
• Manual smoke checklist updated if this touches release-cut surfaces (docs/RELEASE-MANUAL-SMOKE.md): N/A — not a release-cut smoke surface; docs and automated tests updated.
• Linked issue closed via Closes #NNN in the ## Related section: N/A — no linked issue.

Impact

• Desktop cloud mode can target a private remote core over HTTP when the host is local/private/tailnet-only.
• Public cloud deployments still require HTTPS.
• No migration required. Existing local mode and existing HTTPS cloud-core configs are preserved.
• Security impact: private HTTP is limited by URL validation; bearer token auth is unchanged.

Related

• Closes: N/A — no linked issue.
• Follow-up PR(s)/TODOs: N/A.

---

AI Authored PR Metadata (required for Codex/Linear PRs)

Linear Issue

• Key: N/A — no Linear issue supplied.
• URL: N/A.

Commit & Branch

• Branch: codex/allow-private-http-core
• Commit SHA: b47ce497facf01220ae65b68fb99030b922865a6

Validation Run

• pnpm --filter openhuman-app format:check
• pnpm typecheck (pnpm --filter openhuman-app compile via pre-push)
• Focused tests: pnpm exec vitest run --config test/vitest.config.ts src/utils/__tests__/configPersistence.test.ts src/components/BootCheckGate/__tests__/BootCheckGate.test.tsx
• Rust fmt/check (if changed): cargo test --manifest-path Cargo.toml char_boundary; env -u BACKEND_URL -u VITE_BACKEND_URL cargo test -p openhuman; pnpm --filter openhuman-app rust:check
• Tauri fmt/check (if changed): included in pnpm --filter openhuman-app format:check and pnpm --filter openhuman-app rust:check

Validation Blocked

• command: pnpm --filter openhuman-app test:coverage
• error: one unrelated local failure: CoreStateProvider — identity-change cache clearing > preserves teams cache when identity is unchanged across refreshes; focused retry of that exact test passed.
• impact: coverage command did not complete locally; PR-specific focused Vitest tests passed and CI coverage gate remains authoritative.
• command: pnpm test:rust
• error: local script exports BACKEND_URL before cargo test, so Rust option_env!("BACKEND_URL") bakes the mock URL into tests that expect default API behavior.
• impact: CI-like env -u BACKEND_URL -u VITE_BACKEND_URL cargo test -p openhuman passed locally.

Behavior Changes

• Intended behavior change: allow private/local HTTP remote core URLs, including Tailscale 100.x.x.x, while rejecting public HTTP core URLs.
• User-visible effect: a tailnet-only remote core such as http://100.x.x.x:7788/rpc can be used from the desktop cloud-mode picker.

Parity Contract

• Legacy behavior preserved: local embedded core mode unchanged; HTTPS cloud core URLs unchanged; auth token storage and bearer forwarding unchanged.
• Guard/fallback/dispatch parity checks: public HTTP rejection covered; private HTTP allow paths covered; malformed/private-host edge cases covered; CSP now permits the validated transport.

Duplicate / Superseded PR Handling

• Duplicate PR(s): N/A.
• Canonical PR: Allow private HTTP core URLs #1765.
• Resolution (closed/superseded/updated): updated existing PR.

Summary by CodeRabbit

• New Features

  • Cloud mode now validates HTTP core URLs: restricted to local and private networks only; HTTPS permitted on all hosts.

• Documentation

  • Updated cloud deployment guide with examples for localhost, private network, and tailnet connections to hosted cores.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR adds HTTP-to-localhost URL restrictions for cloud-mode RPC picker via new validation helpers and refactors Rust truncation logic to use a shared UTF-8 character boundary utility. Changes span desktop app configuration, picker validation, and multiple backend tool/service truncation sites.

Changes

Cloud RPC URL validation

Layer / File(s)	Summary
Cloud RPC URL validation helpers app/src/utils/configPersistence.ts, app/src/utils/__tests__/configPersistence.test.ts	isLocalOrPrivateNetworkHost classifies hostnames as local/private (localhost, RFC1918, CGNAT, Tailscale, IPv6 link-local). isAllowedCloudRpcUrl restricts HTTP to those ranges while allowing HTTPS globally. Unit tests cover localhost, private ranges, public rejection, and cloud URL rules.
BootCheckGate picker validation app/src/components/BootCheckGate/BootCheckGate.tsx, app/src/components/BootCheckGate/__tests__/BootCheckGate.test.tsx	BootCheckGate imports and applies the new HTTP restriction during mode picker URL validation. Test mock refactored to preserve original configPersistence exports. New test cases verify Tailscale HTTP URL acceptance and public HTTP URL rejection with error message.
Configuration and documentation app/src-tauri/tauri.conf.json, gitbooks/features/cloud-deploy.md	Tauri CSP connect-src updated. Cloud deployment docs clarify public host (HTTPS required) vs. private host (HTTP allowed) connection patterns, with tailnet-only configuration example.

UTF-8 boundary helper refactoring

Layer / File(s)	Summary
UTF-8 ceil_char_boundary utility src/openhuman/util.rs	New ceil_char_boundary helper rounds byte indices upward to valid UTF-8 character boundaries. Unit tests validate boundary and mid-character rounding.
Truncation call site refactoring src/openhuman/memory/tree/ingest.rs, src/openhuman/tools/impl/browser/screenshot.rs, src/openhuman/tools/impl/system/node_exec.rs, src/openhuman/tools/impl/system/npm_exec.rs, src/openhuman/tools/impl/system/shell.rs, src/openhuman/tree_summarizer/engine.rs	All truncation sites refactored to call crate::openhuman::util::floor_char_boundary and ceil_char_boundary helpers instead of direct string method calls. Truncation behavior and byte limits unchanged; only boundary computation centralized.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• tinyhumansai/openhuman#1316: Adds the BootCheckGate core mode picker that this PR extends with HTTP URL validation rules.
• tinyhumansai/openhuman#1549: Prior UTF-8 boundary refactoring that this PR continues by adding ceil_char_boundary and refactoring additional truncation sites.

Suggested reviewers

• senamakel

Poem

🐰 The rabbit hops through URLs with care,
Restricting HTTP to localhost's lair,
While UTF-8 helpers round boundaries true,
Each truncation site now safer through and through! 🦀✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Title check	✅ Passed	The title accurately and concisely summarizes the main change: permitting HTTP core URLs for private/local addresses while rejecting public HTTP URLs.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[senamakel]

really great pr @vaddisrinivas well done