nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(security): prevent gateway token from defaulting to 'undefined' string

This commit is contained in:
Hisleren 2026-01-30 23:06:07 +03:00 committed by Gustavo Madeira Santana
parent 0175cedf0e
commit 201d7fa956
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/commands/configure.gateway.ts
View File

@ -177,7 +177,8 @@ export async function promptGatewayConfig(
}),
runtime,
);
gatewayToken = String(tokenInput).trim() || randomToken();
const rawInput = tokenInput ? String(tokenInput).trim() : "";
gatewayToken = rawInput || randomToken();
}
if (authMode === "password") {

4
src/wizard/onboarding.gateway-config.ts
View File

@ -182,7 +182,9 @@ export async function configureGatewayForOnboarding(
placeholder: "Needed for multi-machine or non-loopback access",
initialValue: quickstartGateway.token ?? "",
});
gatewayToken = String(tokenInput).trim() || randomToken();
// FIX: Ensure undefined becomes an empty string, not "undefined" string
const rawInput = tokenInput ? String(tokenInput).trim() : "";
gatewayToken = rawInput || randomToken();
}
}