Prototype Pollution in Chi with Basic Auth

Prototype pollution in applications built with the Chi web framework can occur when user-controlled input is merged into application objects used to represent configuration or state. Chi itself does not provide built-in object merging for request parameters; developers typically perform merges when reading query strings, form bodies, or JSON payloads. When Basic Authentication credentials are parsed and combined with application data, the resulting merged object may become susceptible to prototype pollution if the merging logic is unsafe. For example, if a developer uses a library or custom code that copies properties from a credentials object (derived from the Authorization header) into a shared prototype or configuration object, an attacker can supply crafted parameters such as __proto__[admin]=true or constructor[prototype][polluted]=yes to alter object behavior across the application.

In Chi, routes are often composed as a series of middleware and handlers. If a handler decodes Basic Auth, constructs an object from the credentials, and then merges that object with request context or global configuration without proper validation, the merged result may contain unexpected properties. Real-world patterns involve parsing the Authorization header, base64-decoding the username:password token, and constructing a map like {user: "alice", password: "secret"}. If this map is later extended with user-supplied JSON or query parameters using a shallow merge that does not protect against __proto__ or constructor keys, the prototype chain can be modified. This may lead to privilege escalation or logic bypass when the polluted object is used for access control decisions.

Consider a scenario where an endpoint uses Basic Auth for identification but also accepts JSON input for processing. A developer might write a merge routine that combines the parsed credentials map with the request body to form a single payload for downstream services. If the JSON input includes keys such as __proto__.role or constructor.prototype.isAdmin, and the merge does not filter these keys, the resulting object can modify the behavior of other parts of the program that rely on prototype-based inheritance. Because Chi does not enforce a particular merging strategy, the responsibility falls on the developer to ensure that merges are safe, especially when credentials and untrusted input are combined in the same object graph.

Additionally, Basic Auth credentials are often logged or inspected for auditing. If merged objects containing polluted prototypes are serialized or stored, the pollution can propagate to logs, caches, or downstream API calls. An attacker may not directly exploit the pollution within Chi’s routing layer, but they can influence how application code behaves when it iterates over object properties or checks for specific keys. Therefore, even though Chi does not introduce the vulnerability, the framework’s flexibility in handling request data means that unsafe merging of Basic Auth–derived objects with user-controlled input creates a concrete path for prototype pollution.

To mitigate prototype pollution when using Basic Authentication in Chi, ensure that credential parsing and merging do not expose __proto__, constructor, or other dangerous keys. Use explicit property extraction instead of generic object spreading or shallow merges when combining credentials with request data. Below are concrete, syntactically correct examples in the context of Chi and Common Lisp libraries commonly used with it.

(ql:quickload '("cl-base64" "chi" "drakma"))

(defun parse-safe-basic-auth (header)
  "Parse a Basic Auth header and return a property list without prototype keys."
  (when header
    (let* ((prefix "Basic ")
           (encoded (when (and (stringp header)
                               (search prefix header :end2 (length header)))
                      (subseq header (+ (length prefix) (search prefix header)))))
           (decoded (when encoded
                      (flexi-streams:octets-to-string
                       (cl-base64:base64-decoded-string encoded) ; illustrative; use native for production
                       :external-format :utf-8))))
      (when decoded
        (let ((parts (uiop:split-string decoded :separator '(#\:))))
          (when (= (length parts) 2)
            (list :username (first parts)
                  :password (second parts)))))))

(defun safe-merge-no-prototype (base updates)
  "Merge updates into base, excluding keys that can pollute prototypes."
  (let ((safe-updates (remove-if (lambda (k)
                                   (member k '("__proto__" "constructor" "prototype")
                                            :test #'string=))
                                 updates :key #'car)))
    (append base safe-updates)))

;; Example Chi route using safe handling
(define-easy-handler (hello :uri "/api") (request)
  (let* ((auth-header (header:authorization request))
         (creds (parse-safe-basic-auth auth-header))
         (user-supplied (query-params request))
         ;; Safe merge: exclude dangerous keys
         (payload (safe-merge-no-prototype creds user-supplied)))
    (format nil "Processing for user: ~a" (getf payload :username))))

In this example, parse-safe-basic-auth extracts the username and password without relying on dynamic property assignment, and safe-merge-no-prototype explicitly filters out keys that could modify the prototype chain. By avoiding generic merge utilities that iterate over all keys, you prevent attacker-supplied __proto__ or constructor entries from affecting shared objects. This pattern works regardless of whether you use the middleBrick CLI to scan your Chi endpoints or integrate the GitHub Action to fail builds when risky code patterns are detected.

Additionally, consider validating and normalizing credentials before they enter any shared data structures. For Chi applications that rely on external libraries for HTTP or middleware, prefer explicit property access (e.g., (getf creds :username)) over functions that copy entire property lists. If your project uses the middleBrick MCP Server inside an IDE, you can scan API definitions and runtime configurations to identify merge patterns that may inadvertently include prototype-vulnerable code, ensuring that remediation aligns with the scan’s findings.