nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
openclaw/src
History
bmendonca3 6ac89757ba
Security/Gateway: harden Control UI static path containment (#21203) 
* Security/Gateway: harden Control UI static path containment

* gateway: block control-ui symlink escapes

* CI: retrigger flaky node test lane

---------

Co-authored-by: Brian Mendonca <brianmendonca@Brians-MacBook-Air.local>
 		2026-02-21 23:47:51 +01:00
..
acp refactor(test): remove duplicate cron tool harnesses 2026-02-21 12:25:23 +00:00
agents chore(tests): properly check logging in tests 2026-02-21 17:21:48 -05:00
auto-reply refactor(logging): migrate non-agent internal console calls to subsystem logger (#22964) 2026-02-21 17:44:00 -05:00
browser test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
canvas-host refactor(test): centralize temporary state-dir env setup 2026-02-21 12:59:24 +00:00
channels test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
cli test: group remaining suite cleanups 2026-02-21 21:44:57 +00:00
commands test: group remaining suite cleanups 2026-02-21 21:44:57 +00:00
compat
config refactor(logging): migrate non-agent internal console calls to subsystem logger (#22964) 2026-02-21 17:44:00 -05:00
cron test(cron): dedupe delivery-target whatsapp stubs and cover sessionKey fallback 2026-02-21 21:40:39 +00:00
daemon test(daemon): dedupe schtasks install fixture and cover empty env omission 2026-02-21 21:40:39 +00:00
discord refactor(logging): migrate non-agent internal console calls to subsystem logger (#22964) 2026-02-21 17:44:00 -05:00
docs
gateway Security/Gateway: harden Control UI static path containment (#21203) 2026-02-21 23:47:51 +01:00
hooks refactor(logging): migrate non-agent internal console calls to subsystem logger (#22964) 2026-02-21 17:44:00 -05:00
imessage fix(security): fail closed parsed chat allowlist 2026-02-21 19:51:36 +01:00
infra fix(ssrf): block special-use ipv4 ranges 2026-02-21 23:45:49 +01:00
line test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
link-understanding fix: block ISATAP SSRF bypass via shared host/ip guard 2026-02-19 09:59:47 +01:00
logging fix(ui): unblock docker onboarding build 2026-02-19 16:32:33 +01:00
macos refactor: unify restart gating and update availability sync 2026-02-19 10:00:41 +01:00
markdown test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
media test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
media-understanding test: avoid template-literal temp path in runner fixture 2026-02-21 20:49:38 +01:00
memory test: streamline config, audit, and qmd coverage 2026-02-21 22:23:43 +00:00
node-host refactor(test): standardize env helpers across suites 2026-02-21 19:13:46 +00:00
pairing test(pairing): dedupe fixture writers and expand store coverage 2026-02-21 21:40:39 +00:00
plugin-sdk test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
plugins test: tighten plugin e2e matrix coverage 2026-02-21 21:44:50 +00:00
process refactor(test): simplify env scoping in exec and usage tests 2026-02-21 19:13:46 +00:00
providers fix(oauth): harden refresh token refresh-response validation 2026-02-21 13:44:14 +01:00
routing test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
scripts test(scripts): dedupe a2ui temp fixture and cover skip-missing env path 2026-02-21 21:40:39 +00:00
security test: streamline config, audit, and qmd coverage 2026-02-21 22:23:43 +00:00
sessions fix(auth/session): preserve override reset behavior and repair oauth profile-id drift (openclaw#18820) thanks @Glucksberg 2026-02-19 21:16:26 -06:00
shared test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
signal test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
slack test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
telegram refactor(logging): migrate non-agent internal console calls to subsystem logger (#22964) 2026-02-21 17:44:00 -05:00
terminal
test-helpers refactor(test): reuse state-dir helper in telegram tests 2026-02-21 13:02:12 +00:00
test-utils refactor(test): standardize env helpers across suites 2026-02-21 19:13:46 +00:00
tts test: streamline auto-reply and tts suites 2026-02-21 21:44:01 +00:00
tui test(tui): cover gateway auth fallbacks and dedupe env setup 2026-02-21 19:13:47 +00:00
types chore(deadcode): add deadcode scanning and remove unused lockfile deps (#22468) 2026-02-21 01:29:20 -05:00
utils fix(gateway): strip inline directive tags from displayed text 2026-02-21 20:08:55 +01:00
web test(web): dedupe inbound cfg fixtures and cover reply/from formatting 2026-02-21 21:40:39 +00:00
whatsapp
wizard
channel-web.ts
docker-image-digests.test.ts fix(docker): pin base images to SHA256 digests (#7734) 2026-02-19 12:42:07 -08:00
docker-setup.test.ts fix(docker): harden docker-setup mount validation 2026-02-19 10:44:46 +01:00
dockerfile.test.ts
entry.ts
extensionAPI.ts
globals.ts
index.ts
logger.test.ts test: merge logger subsystem prefix drop cases 2026-02-19 08:49:52 +00:00
logger.ts
logging.ts
polls.test.ts test: table-drive poll duration clamp cases 2026-02-18 23:27:50 +00:00
polls.ts
runtime.ts
utils.test.ts test(core): dedupe temp dirs in utils tests and cover lid lookup error fallback 2026-02-21 21:40:39 +00:00
utils.ts refactor: share plain object guard across config and utils 2026-02-19 14:27:36 +00:00
version.test.ts test(version): dedupe fixture setup and cover invalid URL/version metadata 2026-02-21 21:40:39 +00:00
version.ts