fix(security): normalize hook auth rate-limit client keys

This commit is contained in:
Peter Steinberger
2026-02-22 08:40:39 +01:00
parent aab20e58d7
commit 3284d2eb22
5 changed files with 63 additions and 7 deletions


@@ -93,6 +93,12 @@ describe("auth rate limiter", () => {
expect(limiter.check("10.0.0.11").remaining).toBe(2);
});
it("treats ipv4 and ipv4-mapped ipv6 forms as the same client", () => {
limiter = createAuthRateLimiter({ maxAttempts: 1, windowMs: 60_000, lockoutMs: 60_000 });
limiter.recordFailure("1.2.3.4");
expect(limiter.check("::ffff:1.2.3.4").allowed).toBe(false);
});
it("tracks scopes independently for the same IP", () => {
limiter = createAuthRateLimiter({ maxAttempts: 1, windowMs: 60_000, lockoutMs: 60_000 });
limiter.recordFailure("10.0.0.12", AUTH_RATE_LIMIT_SCOPE_SHARED_SECRET);