github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 13:11:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): enforce bounded webhook body handling

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-13 19:14:36 +01:00
parent 2f9c523bbe
commit 3cbcba10cf
20 changed files with 834 additions and 281 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/gateway/server-http.ts
View File

@@ -287,7 +287,12 @@ export function createHooksRequestHandler(
const body = await readJsonBody(req, hooksConfig.maxBodyBytes);
if (!body.ok) {
const status = body.error === "payload too large" ? 413 : 400;
const status =
body.error === "payload too large"
? 413
: body.error === "request body timeout"
? 408
: 400;
sendJson(res, status, { ok: false, error: body.error });
return true;
}