github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 10:55:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(browser): centralize navigation guard enforcement

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-21 11:45:23 +01:00
parent 2cdbadee1f
commit 55aaeb5085
8 changed files with 203 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/browser/navigation-guard.ts
View File

@@ -7,6 +7,11 @@ import {
const NETWORK_NAVIGATION_PROTOCOLS = new Set(["http:", "https:"]);
const SAFE_NON_NETWORK_URLS = new Set(["about:blank"]);
function isAllowedNonNetworkNavigationUrl(parsed: URL): boolean {
// Keep non-network navigation explicit; about:blank is the only allowed bootstrap URL.
return SAFE_NON_NETWORK_URLS.has(parsed.href);
}
export class InvalidBrowserNavigationUrlError extends Error {
constructor(message: string) {
super(message);
@@ -43,7 +48,7 @@ export async function assertBrowserNavigationAllowed(
}
if (!NETWORK_NAVIGATION_PROTOCOLS.has(parsed.protocol)) {
if (SAFE_NON_NETWORK_URLS.has(parsed.href)) {
if (isAllowedNonNetworkNavigationUrl(parsed)) {
return;
}
throw new InvalidBrowserNavigationUrlError(