github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 11:01:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

perf(test): fold discord voice hardening into web media suite

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-16 00:15:24 +00:00
parent ba3a0e7adb
commit acb2a1ce37
2 changed files with 22 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/discord/send.voice-message.security.test.ts
View File

@@ -1,24 +0,0 @@
import path from "node:path";
import { describe, expect, it } from "vitest";
import { sendVoiceMessageDiscord } from "./send.js";
describe("sendVoiceMessageDiscord - media hardening", () => {
it("rejects local paths outside allowed media roots (prevents local file exfiltration)", async () => {
const candidate = path.join(process.cwd(), "package.json");
await expect(sendVoiceMessageDiscord("channel:123", candidate)).rejects.toThrow(
/Local media path is not under an allowed directory/,
);
});
it("blocks SSRF targets when given a private-network URL", async () => {
await expect(
sendVoiceMessageDiscord("channel:123", "http://127.0.0.1/voice.ogg"),
).rejects.toThrow(/Failed to fetch media|Blocked/);
});
it("does not allow non-http URL schemes to reach ffmpeg/ffprobe", async () => {
await expect(
sendVoiceMessageDiscord("channel:123", "rtsp://example.com/voice.ogg"),
).rejects.toThrow(/Local media path is not under an allowed directory|ENOENT|no such file/i);
});
});