[SECURITY] API CORS wildcard enables CSRF on all endpoints

[508704820]

Bug

In rips/rustchain-core/api/rpc.py, _send_response() sets Access-Control-Allow-Origin: * which allows any website to call the API. Combined with unauthenticated governance endpoints and the open /rpc JSON-RPC endpoint, malicious sites can create proposals, cast votes, and invoke any RPC method via CSRF.

Fix

Remove wildcard CORS, restrict to specific origins, add CSRF token validation for state-changing operations.

Wallet

RTC9d7caca3039130d3b26d41f7343d8f4ef4592360

[minyanyi]

Submitted PR #4623 for this: #4623

It removes the default wildcard CORS response, reflects only origins configured in RUSTCHAIN_API_ALLOWED_ORIGINS, and requires X-RustChain-CSRF-Token to match RUSTCHAIN_API_CSRF_TOKEN for browser-origin state-changing POST paths.

Verification run locally:

• python -m pytest test_rpc_cors_csrf.py -q -> 4 passed
• git diff --check -> clean

wallet: minyanyi
payout address: 0x2E4380d2e1668Ca9fA3Ef91fF776FDc140Cf3fE8

[saim256]

Opened fix PR: #4624

Scope:

• removes wildcard CORS from the core API response path;
• adds exact-origin CORS allowlisting via RUSTCHAIN_API_ALLOWED_ORIGINS;
• adds OPTIONS preflight handling without wildcard origin reflection;
• requires RUSTCHAIN_API_CSRF_TOKEN through X-CSRF-Token for state-changing REST routes and mutating JSON-RPC methods;
• rejects state-changing operations over non-POST methods.

Verification:

• python -m pytest tests\test_rustchain_core_api_cors_csrf.py -q -> 4 passed
• python -m py_compile rips\rustchain-core\api\rpc.py tests\test_rustchain_core_api_cors_csrf.py -> passed
• git diff --check origin/main...HEAD -- rips\rustchain-core\api\rpc.py tests\test_rustchain_core_api_cors_csrf.py -> passed
• python tools\bcos_spdx_check.py --base-ref origin/main -> BCOS SPDX check: OK

No live target testing was performed.