sileya-ai
/
vr-shopxo-plugin
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity
vr-shopxo-plugin/plan.md

84 lines
3.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# Council Plan — vr-shopxo-plugin 安全审议
> Round 1 — 2026-04-15
> Branch: council/SecurityEngineer → main
> 状态:**Draft Phase 完成,进入 Review**
---
## Task Summary
对 vr-shopxo-plugin 票务插件进行完整代码安全审议输出独立评审报告≥500字列出所有发现的问题严重/中等/轻微/建议),给出具体修复建议。**仅评论不改代码,变更提交本地 worktree。**
---
## Task Checklist
- [x] 1. 插件架构审计EventListener.php / plugin.json
- [x] 2. 票务核心审计TicketService.php / BaseService.php
- [x] 3. 前端票务详情页审计ticket_detail.html
- [x] 4. 数据库 Schema 审计
- [x] 5. 安全性综合审计SQL注入/XSS/重放攻击/QR伪造
- [x] 6. 输出评审报告到 reviews/code-review-SecurityEngineer.md
- [x] 7. 提交 plan.md 到 main
---
## 审计发现汇总
| 编号 | 严重程度 | 类别 | 描述 |
|------|---------|------|------|
| S-01 | 🔴 严重 | 业务逻辑 | `onOrderPaid` 无幂等保护,同一订单可生成多张票 |
| M-01 | 🟡 中等 | 业务逻辑 | `verifyTicket` 存在 TOCTOU 竞态条件 |
| M-02 | 🟡 中等 | 鉴权 | 手动核销接口未验证核销员身份 |
| M-03 | 🟡 中等 | 数据安全 | 观演人身份证明文存储 |
| M-04 | 🟡 中等 | 前端安全 | `simple_desc` 使用 `|raw` 导致存储型 XSS |
| M-05 | 🟡 中等 | 加密 | QR 加密密钥回退到硬编码默认值 |
| L-01 | 🟢 轻微 | 前端安全 | `data-label` 属性可能含未转义数据 |
| L-02 | 🟢 轻微 | 数据完整性 | AES-CBC 无认证加密 |
| L-03 | 🟢 轻微 | 业务逻辑 | `loadSoldSeats` 未实现,存在超卖风险 |
| I-01~04 | 💡 建议 | 架构/业务 | 升级迁移、退款钩子、购买上限、表单校验缺失 |
---
## Phase Breakdown
| Phase | 内容 | 状态 |
|---|---|---|
| **Draft** | 各模块代码审计 + 报告撰写 | ✅ Done |
| **Review** | 交叉评审其他成员报告 | ✅ Done |
| **Finalize** | 合并到 main投票 | ⏳ Pending |
### 评审交叉验证结果
- BackendArchitect 报告:**[APPROVE]** — 结构严谨,修复建议具体,与 SecurityEngineer 独立审计结论高度一致
- 发现补充BackendArchitect 补充了 issueTicket 时序问题、ALTER TABLE `empty($cols)` 判断错误、座位图 class XSS 等 SecurityEngineer 遗漏项
- SecurityEngineer 补充手动核销鉴权M-02、观演人明文存储合规风险M-03未在 BackendArchitect 报告中单独标记
---
## Claim Status
| Task | Owner | Status |
|---|---|---|
| 插件架构审计 | council/SecurityEngineer | `[Done]` |
| 票务核心审计 | council/SecurityEngineer | `[Done]` |
| 前端票务页审计 | council/SecurityEngineer | `[Done]` |
| 数据库Schema审计 | council/SecurityEngineer | `[Done]` |
| 安全综合审计 | council/SecurityEngineer | `[Done]` |
| 输出评审报告 | council/SecurityEngineer | `[Done]` |
| 交叉评审 BackendArchitect 报告 | council/SecurityEngineer | `[Done]` |
---
## 立即修复优先级(上线前必须)
1. **S-01**`onOrderPaid` 添加幂等检查
2. **M-02** — 手动核销接口鉴权
3. **M-04** — 移除 `|raw` XSS
4. **M-05** — 移除 QR 密钥硬编码回退
---
**[CONSENSUS: YES]** — Draft + Review 完成,等待 Finalize 投票
Reference in New Issue View Git Blame Copy Permalink