github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 10:41:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): prevent gatewayUrl SSRF

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-14 20:53:30 +01:00
parent e95ce05c1e
commit c5406e1d24
4 changed files with 61 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/agents/tools/gateway.e2e.test.ts
View File

@@ -20,7 +20,7 @@ describe("gateway tool defaults", () => {
expect(opts.url).toBeUndefined();
});
it("passes through explicit overrides", async () => {
it("accepts allowlisted gatewayUrl overrides (SSRF hardening)", async () => {
callGatewayMock.mockResolvedValueOnce({ ok: true });
await callGatewayTool(
"health",