github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 10:11:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): fail closed parsed chat allowlist

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-21 19:51:07 +01:00
parent 09d5f508b1
commit 9632b9bcf0
5 changed files with 199 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/plugin-sdk/allow-from.ts
View File

@@ -26,7 +26,7 @@ export function isAllowedParsedChatSender<TParsed extends ParsedChatAllowTarget>
}): boolean {
const allowFrom = params.allowFrom.map((entry) => String(entry).trim());
if (allowFrom.length === 0) {
return true;
return false;
}
if (allowFrom.includes("*")) {
return true;