nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Net: expand cross-origin sensitive header regression test

This commit is contained in:
George Pickett 2026-02-19 11:23:35 -08:00
parent c0cd5a7265
commit 802f043e53
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/infra/net/fetch-guard.ssrf.test.ts
View File

@ -109,7 +109,9 @@ describe("fetchWithSsrFGuard hardening", () => {
init: {
headers: {
Authorization: "Bearer secret",
"Proxy-Authorization": "Basic c2VjcmV0",
Cookie: "session=abc",
Cookie2: "legacy=1",
"X-Trace": "1",
},
},
@ -118,7 +120,9 @@ describe("fetchWithSsrFGuard hardening", () => {
const [, secondInit] = fetchImpl.mock.calls[1] as [string, RequestInit];
const headers = new Headers(secondInit.headers);
expect(headers.get("authorization")).toBeNull();
expect(headers.get("proxy-authorization")).toBeNull();
expect(headers.get("cookie")).toBeNull();
expect(headers.get("cookie2")).toBeNull();
expect(headers.get("x-trace")).toBe("1");
await result.release();
});