feat(安全): 添加安全开关并完善测试流程

实现安全开关默认关闭与响应头透传逻辑 - URL 校验与响应头过滤支持开关并覆盖流式路径 - 非流式 Content-Type 透传/默认值按配置生效 - 接入 go test、golangci-lint 与前端 lint/typecheck - 补充相关测试与配置/文档说明
2026-01-05 13:54:43 +08:00
parent c8e5455df0
commit 794a9f969b
24 changed files with 1811 additions and 14 deletions
--- a/12
+++ b/12
@@ -1,4 +1,4 @@
-.PHONY: build build-backend build-frontend
+.PHONY: build build-backend build-frontend test test-backend test-frontend

 # 一键编译前后端
 build: build-backend build-frontend
@@ -10,3 +10,13 @@ build-backend:
 # 编译前端（需要已安装依赖）
 build-frontend:
 	@npm --prefix frontend run build
+
+# 运行测试（后端 + 前端）
+test: test-backend test-frontend
+
+test-backend:
+	@$(MAKE) -C backend test
+
+test-frontend:
+	@npm --prefix frontend run lint:check
+	@npm --prefix frontend run typecheck
--- a/README.md
+++ b/README.md
@@ -272,11 +272,19 @@ Additional security-related options are available in `config.yaml`:

 - `cors.allowed_origins` for CORS allowlist
 - `security.url_allowlist` for upstream/pricing/CRS host allowlists
+- `security.url_allowlist.enabled` to disable URL validation (use with caution)
+- `security.response_headers.enabled` to disable response header filtering
 - `security.csp` to control Content-Security-Policy headers
 - `billing.circuit_breaker` to fail closed on billing errors
 - `server.trusted_proxies` to enable X-Forwarded-For parsing
 - `turnstile.required` to require Turnstile in release mode

+If you disable URL validation or response header filtering, harden your network layer:
+- Enforce an egress allowlist for upstream domains/IPs
+- Block private/loopback/link-local ranges
+- Enforce TLS-only outbound traffic
+- Strip sensitive upstream response headers at the proxy
+
 ```bash
 # 6. Run the application
 ./sub2api
--- a/README_CN.md
+++ b/README_CN.md
@@ -272,11 +272,19 @@ default:

 - `cors.allowed_origins` 配置 CORS 白名单
 - `security.url_allowlist` 配置上游/价格数据/CRS 主机白名单
+- `security.url_allowlist.enabled` 可关闭 URL 校验（慎用）
+- `security.response_headers.enabled` 可关闭响应头过滤
 - `security.csp` 配置 Content-Security-Policy
 - `billing.circuit_breaker` 计费异常时 fail-closed
 - `server.trusted_proxies` 启用可信代理解析 X-Forwarded-For
 - `turnstile.required` 在 release 模式强制启用 Turnstile

+如关闭 URL 校验或响应头过滤，请加强网络层防护：
+- 出站访问白名单限制上游域名/IP
+- 阻断私网/回环/链路本地地址
+- 强制仅允许 TLS 出站
+- 在反向代理层移除敏感响应头
+
 ```bash
 # 6. 运行应用
 ./sub2api
--- a/backend/Makefile
+++ b/backend/Makefile
@@ -1,8 +1,12 @@
-.PHONY: build test-unit test-integration test-e2e
+.PHONY: build test test-unit test-integration test-e2e

 build:
 	go build -o bin/server ./cmd/server

+test:
+	go test ./...
+	golangci-lint run ./...
+
 test-unit:
 	go test -tags=unit ./...

--- a/backend/internal/config/config.go
+++ b/backend/internal/config/config.go
@@ -126,6 +126,7 @@ type SecurityConfig struct {
 }

 type URLAllowlistConfig struct {
+	Enabled           bool     `mapstructure:"enabled"`
 	UpstreamHosts     []string `mapstructure:"upstream_hosts"`
 	PricingHosts      []string `mapstructure:"pricing_hosts"`
 	CRSHosts          []string `mapstructure:"crs_hosts"`
@@ -133,6 +134,7 @@ type URLAllowlistConfig struct {
 }

 type ResponseHeaderConfig struct {
+	Enabled           bool     `mapstructure:"enabled"`
 	AdditionalAllowed []string `mapstructure:"additional_allowed"`
 	ForceRemove       []string `mapstructure:"force_remove"`
 }
@@ -381,6 +383,13 @@ func Load() (*Config, error) {
 		return nil, fmt.Errorf("validate config error: %w", err)
 	}

+	if !cfg.Security.URLAllowlist.Enabled {
+		log.Println("Warning: security.url_allowlist.enabled=false; URL validation is disabled.")
+	}
+	if !cfg.Security.ResponseHeaders.Enabled {
+		log.Println("Warning: security.response_headers.enabled=false; response header filtering is disabled.")
+	}
+
 	if cfg.Server.Mode != "release" && cfg.JWT.Secret != "" && isWeakJWTSecret(cfg.JWT.Secret) {
 		log.Println("Warning: JWT secret appears weak; use a 32+ character random secret in production.")
 	}
@@ -410,6 +419,7 @@ func setDefaults() {
 	viper.SetDefault("cors.allow_credentials", true)

 	// Security
+	viper.SetDefault("security.url_allowlist.enabled", false)
 	viper.SetDefault("security.url_allowlist.upstream_hosts", []string{
 		"api.openai.com",
 		"api.anthropic.com",
@@ -425,6 +435,7 @@ func setDefaults() {
 	})
 	viper.SetDefault("security.url_allowlist.crs_hosts", []string{})
 	viper.SetDefault("security.url_allowlist.allow_private_hosts", false)
+	viper.SetDefault("security.response_headers.enabled", false)
 	viper.SetDefault("security.response_headers.additional_allowed", []string{})
 	viper.SetDefault("security.response_headers.force_remove", []string{})
 	viper.SetDefault("security.csp.enabled", true)
--- a/backend/internal/config/config_test.go
+++ b/backend/internal/config/config_test.go
@@ -68,3 +68,19 @@ func TestLoadSchedulingConfigFromEnv(t *testing.T) {
 		t.Fatalf("StickySessionMaxWaiting = %d, want 5", cfg.Gateway.Scheduling.StickySessionMaxWaiting)
 	}
 }
+
+func TestLoadDefaultSecurityToggles(t *testing.T) {
+	viper.Reset()
+
+	cfg, err := Load()
+	if err != nil {
+		t.Fatalf("Load() error: %v", err)
+	}
+
+	if cfg.Security.URLAllowlist.Enabled {
+		t.Fatalf("URLAllowlist.Enabled = true, want false")
+	}
+	if cfg.Security.ResponseHeaders.Enabled {
+		t.Fatalf("ResponseHeaders.Enabled = true, want false")
+	}
+}
--- a/backend/internal/handler/gemini_v1beta_handler.go
+++ b/backend/internal/handler/gemini_v1beta_handler.go
@@ -379,7 +379,7 @@ func writeUpstreamResponse(c *gin.Context, res *service.UpstreamHTTPResult) {
 	}
 	for k, vv := range res.Headers {
 		// Avoid overriding content-length and hop-by-hop headers.
-		if strings.EqualFold(k, "Content-Length") || strings.EqualFold(k, "Transfer-Encoding") || strings.EqualFold(k, "Connection") || strings.EqualFold(k, "Www-Authenticate") {
+		if strings.EqualFold(k, "Content-Length") || strings.EqualFold(k, "Transfer-Encoding") || strings.EqualFold(k, "Connection") {
 			continue
 		}
 		for _, v := range vv {
--- a/backend/internal/repository/http_upstream.go
+++ b/backend/internal/repository/http_upstream.go
@@ -154,6 +154,9 @@ func (s *httpUpstreamService) shouldValidateResolvedIP() bool {
 	if s.cfg == nil {
 		return false
 	}
+	if !s.cfg.Security.URLAllowlist.Enabled {
+		return false
+	}
 	return !s.cfg.Security.URLAllowlist.AllowPrivateHosts
 }

--- a/backend/internal/repository/pricing_service.go
+++ b/backend/internal/repository/pricing_service.go
@@ -19,12 +19,14 @@ type pricingRemoteClient struct {

 func NewPricingRemoteClient(cfg *config.Config) service.PricingRemoteClient {
 	allowPrivate := false
+	validateResolvedIP := true
 	if cfg != nil {
 		allowPrivate = cfg.Security.URLAllowlist.AllowPrivateHosts
+		validateResolvedIP = cfg.Security.URLAllowlist.Enabled
 	}
 	sharedClient, err := httpclient.GetClient(httpclient.Options{
 		Timeout:            30 * time.Second,
-		ValidateResolvedIP: true,
+		ValidateResolvedIP: validateResolvedIP,
 		AllowPrivateHosts:  allowPrivate,
 	})
 	if err != nil {
--- a/backend/internal/repository/proxy_probe_service.go
+++ b/backend/internal/repository/proxy_probe_service.go
@@ -17,9 +17,11 @@ import (
 func NewProxyExitInfoProber(cfg *config.Config) service.ProxyExitInfoProber {
 	insecure := false
 	allowPrivate := false
+	validateResolvedIP := true
 	if cfg != nil {
 		insecure = cfg.Security.ProxyProbe.InsecureSkipVerify
 		allowPrivate = cfg.Security.URLAllowlist.AllowPrivateHosts
+		validateResolvedIP = cfg.Security.URLAllowlist.Enabled
 	}
 	if insecure {
 		log.Printf("[ProxyProbe] Warning: TLS verification is disabled for proxy probing.")
@@ -28,6 +30,7 @@ func NewProxyExitInfoProber(cfg *config.Config) service.ProxyExitInfoProber {
 		ipInfoURL:          defaultIPInfoURL,
 		insecureSkipVerify: insecure,
 		allowPrivateHosts:  allowPrivate,
+		validateResolvedIP: validateResolvedIP,
 	}
 }

@@ -37,6 +40,7 @@ type proxyProbeService struct {
 	ipInfoURL          string
 	insecureSkipVerify bool
 	allowPrivateHosts  bool
+	validateResolvedIP bool
 }

 func (s *proxyProbeService) ProbeProxy(ctx context.Context, proxyURL string) (*service.ProxyExitInfo, int64, error) {
@@ -45,7 +49,7 @@ func (s *proxyProbeService) ProbeProxy(ctx context.Context, proxyURL string) (*s
 		Timeout:            15 * time.Second,
 		InsecureSkipVerify: s.insecureSkipVerify,
 		ProxyStrict:        true,
-		ValidateResolvedIP: true,
+		ValidateResolvedIP: s.validateResolvedIP,
 		AllowPrivateHosts:  s.allowPrivateHosts,
 	})
 	if err != nil {
--- a/backend/internal/service/account_test_service.go
+++ b/backend/internal/service/account_test_service.go
@@ -72,6 +72,9 @@ func (s *AccountTestService) validateUpstreamBaseURL(raw string) (string, error)
 	if s.cfg == nil {
 		return "", errors.New("config is not available")
 	}
+	if !s.cfg.Security.URLAllowlist.Enabled {
+		return strings.TrimSpace(raw), nil
+	}
 	normalized, err := urlvalidator.ValidateHTTPSURL(raw, urlvalidator.ValidationOptions{
 		AllowedHosts:     s.cfg.Security.URLAllowlist.UpstreamHosts,
 		RequireAllowlist: true,
--- a/backend/internal/service/crs_sync_service.go
+++ b/backend/internal/service/crs_sync_service.go
@@ -194,9 +194,13 @@ func (s *CRSSyncService) SyncFromCRS(ctx context.Context, input SyncFromCRSInput
 	if s.cfg == nil {
 		return nil, errors.New("config is not available")
 	}
-	baseURL, err := normalizeBaseURL(input.BaseURL, s.cfg.Security.URLAllowlist.CRSHosts, s.cfg.Security.URLAllowlist.AllowPrivateHosts)
-	if err != nil {
-		return nil, err
+	baseURL := strings.TrimSpace(input.BaseURL)
+	if s.cfg.Security.URLAllowlist.Enabled {
+		normalized, err := normalizeBaseURL(baseURL, s.cfg.Security.URLAllowlist.CRSHosts, s.cfg.Security.URLAllowlist.AllowPrivateHosts)
+		if err != nil {
+			return nil, err
+		}
+		baseURL = normalized
 	}
 	if strings.TrimSpace(input.Username) == "" || strings.TrimSpace(input.Password) == "" {
 		return nil, errors.New("username and password are required")
@@ -204,7 +208,7 @@ func (s *CRSSyncService) SyncFromCRS(ctx context.Context, input SyncFromCRSInput

 	client, err := httpclient.GetClient(httpclient.Options{
 		Timeout:            20 * time.Second,
-		ValidateResolvedIP: true,
+		ValidateResolvedIP: s.cfg.Security.URLAllowlist.Enabled,
 		AllowPrivateHosts:  s.cfg.Security.URLAllowlist.AllowPrivateHosts,
 	})
 	if err != nil {
--- a/backend/internal/service/gateway_service.go
+++ b/backend/internal/service/gateway_service.go
@@ -1583,6 +1583,10 @@ func (s *GatewayService) handleStreamingResponse(ctx context.Context, resp *http
 	// 更新5h窗口状态
 	s.rateLimitService.UpdateSessionWindow(ctx, account, resp.Header)

+	if s.cfg != nil {
+		responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)
+	}
+
 	// 设置SSE响应头
 	c.Header("Content-Type", "text/event-stream")
 	c.Header("Cache-Control", "no-cache")
@@ -1837,8 +1841,15 @@ func (s *GatewayService) handleNonStreamingResponse(ctx context.Context, resp *h

 	responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)

+	contentType := "application/json"
+	if s.cfg != nil && !s.cfg.Security.ResponseHeaders.Enabled {
+		if upstreamType := resp.Header.Get("Content-Type"); upstreamType != "" {
+			contentType = upstreamType
+		}
+	}
+
 	// 写入响应
-	c.Data(resp.StatusCode, "application/json", body)
+	c.Data(resp.StatusCode, contentType, body)

 	return &response.Usage, nil
 }
@@ -2194,6 +2205,9 @@ func (s *GatewayService) countTokensError(c *gin.Context, status int, errType, m
 }

 func (s *GatewayService) validateUpstreamBaseURL(raw string) (string, error) {
+	if s.cfg != nil && !s.cfg.Security.URLAllowlist.Enabled {
+		return strings.TrimSpace(raw), nil
+	}
 	normalized, err := urlvalidator.ValidateHTTPSURL(raw, urlvalidator.ValidationOptions{
 		AllowedHosts:     s.cfg.Security.URLAllowlist.UpstreamHosts,
 		RequireAllowlist: true,
--- a/backend/internal/service/gemini_messages_compat_service.go
+++ b/backend/internal/service/gemini_messages_compat_service.go
@@ -237,6 +237,9 @@ func (s *GeminiMessagesCompatService) GetAntigravityGatewayService() *Antigravit
 }

 func (s *GeminiMessagesCompatService) validateUpstreamBaseURL(raw string) (string, error) {
+	if s.cfg != nil && !s.cfg.Security.URLAllowlist.Enabled {
+		return strings.TrimSpace(raw), nil
+	}
 	normalized, err := urlvalidator.ValidateHTTPSURL(raw, urlvalidator.ValidationOptions{
 		AllowedHosts:     s.cfg.Security.URLAllowlist.UpstreamHosts,
 		RequireAllowlist: true,
@@ -1720,6 +1723,10 @@ func (s *GeminiMessagesCompatService) handleNativeStreamingResponse(c *gin.Conte
 	}
 	log.Printf("[GeminiAPI] ====================================================")

+	if s.cfg != nil {
+		responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)
+	}
+
 	c.Status(resp.StatusCode)
 	c.Header("Cache-Control", "no-cache")
 	c.Header("Connection", "keep-alive")
--- a/backend/internal/service/openai_gateway_service.go
+++ b/backend/internal/service/openai_gateway_service.go
@@ -762,6 +762,10 @@ type openaiStreamingResult struct {
 }

 func (s *OpenAIGatewayService) handleStreamingResponse(ctx context.Context, resp *http.Response, c *gin.Context, account *Account, startTime time.Time, originalModel, mappedModel string) (*openaiStreamingResult, error) {
+	if s.cfg != nil {
+		responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)
+	}
+
 	// Set SSE response headers
 	c.Header("Content-Type", "text/event-stream")
 	c.Header("Cache-Control", "no-cache")
@@ -1030,12 +1034,22 @@ func (s *OpenAIGatewayService) handleNonStreamingResponse(ctx context.Context, r

 	responseheaders.WriteFilteredHeaders(c.Writer.Header(), resp.Header, s.cfg.Security.ResponseHeaders)

-	c.Data(resp.StatusCode, "application/json", body)
+	contentType := "application/json"
+	if s.cfg != nil && !s.cfg.Security.ResponseHeaders.Enabled {
+		if upstreamType := resp.Header.Get("Content-Type"); upstreamType != "" {
+			contentType = upstreamType
+		}
+	}
+
+	c.Data(resp.StatusCode, contentType, body)

 	return usage, nil
 }

 func (s *OpenAIGatewayService) validateUpstreamBaseURL(raw string) (string, error) {
+	if s.cfg != nil && !s.cfg.Security.URLAllowlist.Enabled {
+		return strings.TrimSpace(raw), nil
+	}
 	normalized, err := urlvalidator.ValidateHTTPSURL(raw, urlvalidator.ValidationOptions{
 		AllowedHosts:     s.cfg.Security.URLAllowlist.UpstreamHosts,
 		RequireAllowlist: true,
--- a/backend/internal/service/openai_gateway_service_test.go
+++ b/backend/internal/service/openai_gateway_service_test.go
@@ -2,6 +2,7 @@ package service

 import (
 	"bufio"
+	"bytes"
 	"errors"
 	"io"
 	"net/http"
@@ -88,3 +89,175 @@ func TestOpenAIStreamingTooLong(t *testing.T) {
 		t.Fatalf("expected response_too_large SSE error, got %q", rec.Body.String())
 	}
 }
+
+func TestOpenAINonStreamingContentTypePassThrough(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	cfg := &config.Config{
+		Security: config.SecurityConfig{
+			ResponseHeaders: config.ResponseHeaderConfig{Enabled: false},
+		},
+	}
+	svc := &OpenAIGatewayService{cfg: cfg}
+
+	rec := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(rec)
+	c.Request = httptest.NewRequest(http.MethodPost, "/", nil)
+
+	body := []byte(`{"usage":{"input_tokens":1,"output_tokens":2,"input_tokens_details":{"cached_tokens":0}}}`)
+	resp := &http.Response{
+		StatusCode: http.StatusOK,
+		Body:       io.NopCloser(bytes.NewReader(body)),
+		Header:     http.Header{"Content-Type": []string{"application/vnd.test+json"}},
+	}
+
+	_, err := svc.handleNonStreamingResponse(c.Request.Context(), resp, c, &Account{}, "model", "model")
+	if err != nil {
+		t.Fatalf("handleNonStreamingResponse error: %v", err)
+	}
+
+	if !strings.Contains(rec.Header().Get("Content-Type"), "application/vnd.test+json") {
+		t.Fatalf("expected Content-Type passthrough, got %q", rec.Header().Get("Content-Type"))
+	}
+}
+
+func TestOpenAINonStreamingContentTypeDefault(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	cfg := &config.Config{
+		Security: config.SecurityConfig{
+			ResponseHeaders: config.ResponseHeaderConfig{Enabled: false},
+		},
+	}
+	svc := &OpenAIGatewayService{cfg: cfg}
+
+	rec := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(rec)
+	c.Request = httptest.NewRequest(http.MethodPost, "/", nil)
+
+	body := []byte(`{"usage":{"input_tokens":1,"output_tokens":2,"input_tokens_details":{"cached_tokens":0}}}`)
+	resp := &http.Response{
+		StatusCode: http.StatusOK,
+		Body:       io.NopCloser(bytes.NewReader(body)),
+		Header:     http.Header{},
+	}
+
+	_, err := svc.handleNonStreamingResponse(c.Request.Context(), resp, c, &Account{}, "model", "model")
+	if err != nil {
+		t.Fatalf("handleNonStreamingResponse error: %v", err)
+	}
+
+	if !strings.Contains(rec.Header().Get("Content-Type"), "application/json") {
+		t.Fatalf("expected default Content-Type, got %q", rec.Header().Get("Content-Type"))
+	}
+}
+
+func TestOpenAIStreamingHeadersOverride(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	cfg := &config.Config{
+		Security: config.SecurityConfig{
+			ResponseHeaders: config.ResponseHeaderConfig{Enabled: false},
+		},
+		Gateway: config.GatewayConfig{
+			StreamDataIntervalTimeout: 0,
+			StreamKeepaliveInterval:   0,
+			MaxLineSize:               defaultMaxLineSize,
+		},
+	}
+	svc := &OpenAIGatewayService{cfg: cfg}
+
+	rec := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(rec)
+	c.Request = httptest.NewRequest(http.MethodPost, "/", nil)
+
+	pr, pw := io.Pipe()
+	resp := &http.Response{
+		StatusCode: http.StatusOK,
+		Body:       pr,
+		Header: http.Header{
+			"Cache-Control": []string{"upstream"},
+			"X-Test":        []string{"value"},
+			"Content-Type":  []string{"application/custom"},
+		},
+	}
+
+	go func() {
+		defer func() { _ = pw.Close() }()
+		_, _ = pw.Write([]byte("data: {}\n\n"))
+	}()
+
+	_, err := svc.handleStreamingResponse(c.Request.Context(), resp, c, &Account{ID: 1}, time.Now(), "model", "model")
+	_ = pr.Close()
+	if err != nil {
+		t.Fatalf("handleStreamingResponse error: %v", err)
+	}
+
+	if rec.Header().Get("Cache-Control") != "no-cache" {
+		t.Fatalf("expected Cache-Control override, got %q", rec.Header().Get("Cache-Control"))
+	}
+	if rec.Header().Get("Content-Type") != "text/event-stream" {
+		t.Fatalf("expected Content-Type override, got %q", rec.Header().Get("Content-Type"))
+	}
+	if rec.Header().Get("X-Test") != "value" {
+		t.Fatalf("expected X-Test passthrough, got %q", rec.Header().Get("X-Test"))
+	}
+}
+
+func TestOpenAIInvalidBaseURLWhenAllowlistDisabled(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	cfg := &config.Config{
+		Security: config.SecurityConfig{
+			URLAllowlist: config.URLAllowlistConfig{Enabled: false},
+		},
+	}
+	svc := &OpenAIGatewayService{cfg: cfg}
+
+	rec := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(rec)
+	c.Request = httptest.NewRequest(http.MethodPost, "/", nil)
+
+	account := &Account{
+		Platform:    PlatformOpenAI,
+		Type:        AccountTypeAPIKey,
+		Credentials: map[string]any{"base_url": "://invalid-url"},
+	}
+
+	_, err := svc.buildUpstreamRequest(c.Request.Context(), c, account, []byte("{}"), "token", false)
+	if err == nil {
+		t.Fatalf("expected error for invalid base_url when allowlist disabled")
+	}
+}
+
+func TestOpenAIValidateUpstreamBaseURLDisabledSkipsValidation(t *testing.T) {
+	cfg := &config.Config{
+		Security: config.SecurityConfig{
+			URLAllowlist: config.URLAllowlistConfig{Enabled: false},
+		},
+	}
+	svc := &OpenAIGatewayService{cfg: cfg}
+
+	normalized, err := svc.validateUpstreamBaseURL("http://not-https.example.com")
+	if err != nil {
+		t.Fatalf("expected no error when allowlist disabled, got %v", err)
+	}
+	if normalized != "http://not-https.example.com" {
+		t.Fatalf("expected raw url passthrough, got %q", normalized)
+	}
+}
+
+func TestOpenAIValidateUpstreamBaseURLEnabledEnforcesAllowlist(t *testing.T) {
+	cfg := &config.Config{
+		Security: config.SecurityConfig{
+			URLAllowlist: config.URLAllowlistConfig{
+				Enabled:       true,
+				UpstreamHosts: []string{"example.com"},
+			},
+		},
+	}
+	svc := &OpenAIGatewayService{cfg: cfg}
+
+	if _, err := svc.validateUpstreamBaseURL("https://example.com"); err != nil {
+		t.Fatalf("expected allowlisted host to pass, got %v", err)
+	}
+	if _, err := svc.validateUpstreamBaseURL("https://evil.com"); err == nil {
+		t.Fatalf("expected non-allowlisted host to fail")
+	}
+}
--- a/backend/internal/service/pricing_service.go
+++ b/backend/internal/service/pricing_service.go
@@ -409,6 +409,9 @@ func (s *PricingService) fetchRemoteHash() (string, error) {
 }

 func (s *PricingService) validatePricingURL(raw string) (string, error) {
+	if s.cfg != nil && !s.cfg.Security.URLAllowlist.Enabled {
+		return strings.TrimSpace(raw), nil
+	}
 	normalized, err := urlvalidator.ValidateHTTPSURL(raw, urlvalidator.ValidationOptions{
 		AllowedHosts:     s.cfg.Security.URLAllowlist.PricingHosts,
 		RequireAllowlist: true,
--- a/backend/internal/util/responseheaders/responseheaders.go
+++ b/backend/internal/util/responseheaders/responseheaders.go
@@ -42,6 +42,9 @@ var hopByHopHeaders = map[string]struct{}{
 }

 func FilterHeaders(src http.Header, cfg config.ResponseHeaderConfig) http.Header {
+	if !cfg.Enabled {
+		return passThroughHeaders(src)
+	}
 	allowed := make(map[string]struct{}, len(defaultAllowed)+len(cfg.AdditionalAllowed))
 	for key := range defaultAllowed {
 		allowed[key] = struct{}{}
@@ -91,3 +94,17 @@ func WriteFilteredHeaders(dst http.Header, src http.Header, cfg config.ResponseH
 		}
 	}
 }
+
+func passThroughHeaders(src http.Header) http.Header {
+	filtered := make(http.Header, len(src))
+	for key, values := range src {
+		lower := strings.ToLower(key)
+		if _, isHopByHop := hopByHopHeaders[lower]; isHopByHop {
+			continue
+		}
+		for _, value := range values {
+			filtered.Add(key, value)
+		}
+	}
+	return filtered
+}
--- a/backend/internal/util/responseheaders/responseheaders_test.go
+++ b/backend/internal/util/responseheaders/responseheaders_test.go
@@ -0,0 +1,67 @@
+package responseheaders
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/Wei-Shaw/sub2api/internal/config"
+)
+
+func TestFilterHeadersDisabledPassThrough(t *testing.T) {
+	src := http.Header{}
+	src.Add("Content-Type", "application/json")
+	src.Add("X-Test", "ok")
+	src.Add("X-Remove", "keep")
+	src.Add("Connection", "keep-alive")
+	src.Add("Content-Length", "123")
+
+	cfg := config.ResponseHeaderConfig{
+		Enabled:     false,
+		ForceRemove: []string{"x-test"},
+	}
+
+	filtered := FilterHeaders(src, cfg)
+	if filtered.Get("Content-Type") != "application/json" {
+		t.Fatalf("expected Content-Type passthrough, got %q", filtered.Get("Content-Type"))
+	}
+	if filtered.Get("X-Test") != "ok" {
+		t.Fatalf("expected X-Test passthrough, got %q", filtered.Get("X-Test"))
+	}
+	if filtered.Get("X-Remove") != "keep" {
+		t.Fatalf("expected X-Remove passthrough, got %q", filtered.Get("X-Remove"))
+	}
+	if filtered.Get("Connection") != "" {
+		t.Fatalf("expected Connection to be removed, got %q", filtered.Get("Connection"))
+	}
+	if filtered.Get("Content-Length") != "" {
+		t.Fatalf("expected Content-Length to be removed, got %q", filtered.Get("Content-Length"))
+	}
+}
+
+func TestFilterHeadersEnabledUsesAllowlist(t *testing.T) {
+	src := http.Header{}
+	src.Add("Content-Type", "application/json")
+	src.Add("X-Extra", "ok")
+	src.Add("X-Remove", "nope")
+	src.Add("X-Blocked", "nope")
+
+	cfg := config.ResponseHeaderConfig{
+		Enabled:           true,
+		AdditionalAllowed: []string{"x-extra"},
+		ForceRemove:       []string{"x-remove"},
+	}
+
+	filtered := FilterHeaders(src, cfg)
+	if filtered.Get("Content-Type") != "application/json" {
+		t.Fatalf("expected Content-Type allowed, got %q", filtered.Get("Content-Type"))
+	}
+	if filtered.Get("X-Extra") != "ok" {
+		t.Fatalf("expected X-Extra allowed, got %q", filtered.Get("X-Extra"))
+	}
+	if filtered.Get("X-Remove") != "" {
+		t.Fatalf("expected X-Remove removed, got %q", filtered.Get("X-Remove"))
+	}
+	if filtered.Get("X-Blocked") != "" {
+		t.Fatalf("expected X-Blocked removed, got %q", filtered.Get("X-Blocked"))
+	}
+}
--- a/deploy/config.example.yaml
+++ b/deploy/config.example.yaml
@@ -37,6 +37,8 @@ cors:
 # =============================================================================
 security:
  url_allowlist:
+    # Enable URL allowlist validation (disable to skip all URL checks)
+    enabled: false
    # Allowed upstream hosts for API proxying
    upstream_hosts:
      - "api.openai.com"
@@ -55,6 +57,8 @@ security:
    # Allow localhost/private IPs for upstream/pricing/CRS (use only in trusted networks)
    allow_private_hosts: false
  response_headers:
+    # Enable response header filtering (disable to pass through upstream headers)
+    enabled: false
    # Extra allowed response headers from upstream
    additional_allowed: []
    # Force-remove response headers from upstream
--- a/frontend/.eslintrc.cjs
+++ b/frontend/.eslintrc.cjs
@@ -0,0 +1,36 @@
+module.exports = {
+  root: true,
+  env: {
+    browser: true,
+    es2021: true,
+    node: true,
+  },
+  parser: "vue-eslint-parser",
+  parserOptions: {
+    parser: "@typescript-eslint/parser",
+    ecmaVersion: "latest",
+    sourceType: "module",
+    extraFileExtensions: [".vue"],
+  },
+  plugins: ["vue", "@typescript-eslint"],
+  extends: [
+    "eslint:recommended",
+    "plugin:vue/vue3-essential",
+    "plugin:@typescript-eslint/recommended",
+  ],
+  rules: {
+    "no-constant-condition": "off",
+    "no-mixed-spaces-and-tabs": "off",
+    "no-useless-escape": "off",
+    "no-unused-vars": "off",
+    "@typescript-eslint/no-unused-vars": [
+      "warn",
+      { argsIgnorePattern: "^_", varsIgnorePattern: "^_" },
+    ],
+    "@typescript-eslint/ban-types": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "vue/multi-word-component-names": "off",
+    "vue/no-use-v-if-with-v-for": "off",
+  },
+};
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -8,6 +8,7 @@
    "build": "vue-tsc -b && vite build",
    "preview": "vite preview",
    "lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs,.ts,.tsx,.cts,.mts --fix",
+    "lint:check": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs,.ts,.tsx,.cts,.mts",
    "typecheck": "vue-tsc --noEmit"
  },
  "dependencies": {
@@ -30,6 +31,10 @@
    "@types/node": "^20.10.5",
    "@vitejs/plugin-vue": "^5.2.3",
    "autoprefixer": "^10.4.16",
+    "@typescript-eslint/eslint-plugin": "^7.18.0",
+    "@typescript-eslint/parser": "^7.18.0",
+    "eslint": "^8.57.0",
+    "eslint-plugin-vue": "^9.25.0",
    "postcss": "^8.4.32",
    "tailwindcss": "^3.4.0",
    "typescript": "~5.6.0",
--- a/frontend/src/stores/auth.ts
+++ b/frontend/src/stores/auth.ts
@@ -106,7 +106,7 @@ export const useAuthStore = defineStore('auth', () => {
      if (response.user.run_mode) {
        runMode.value = response.user.run_mode
      }
-      const { run_mode, ...userData } = response.user
+      const { run_mode: _run_mode, ...userData } = response.user
      user.value = userData

      // Persist to localStorage
@@ -141,7 +141,7 @@ export const useAuthStore = defineStore('auth', () => {
      if (response.user.run_mode) {
        runMode.value = response.user.run_mode
      }
-      const { run_mode, ...userDataWithoutRunMode } = response.user
+      const { run_mode: _run_mode, ...userDataWithoutRunMode } = response.user
      user.value = userDataWithoutRunMode

      // Persist to localStorage
@@ -187,7 +187,7 @@ export const useAuthStore = defineStore('auth', () => {
      if (response.data.run_mode) {
        runMode.value = response.data.run_mode
      }
-      const { run_mode, ...userData } = response.data
+      const { run_mode: _run_mode, ...userData } = response.data
      user.value = userData

      // Update localStorage