Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: improve cache key design for ssrfPolicy

Browse Source 
- Use JSON.stringify to encode full policy object instead of hardcoded suffix
- This ensures future ssrfPolicy fields are automatically included in cache key
- Prevents potential cross-policy cache bypass when new fields are added
This commit is contained in:
xing-xing-coder 2026-03-21 12:02:53 +08:00
parent a784fd3cdd
commit 3884fd202c
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/agents/tools/web-fetch.ts
View File

@ -516,7 +516,8 @@ async function maybeFetchFirecrawlWebFetchPayload(
async function runWebFetch(params: WebFetchRuntimeParams): Promise<Record<string, unknown>> {
// Include ssrfPolicy in cache key to prevent cross-policy cache bypass
const ssrfPolicySuffix = params.ssrfPolicy?.allowRfc2544BenchmarkRange ? ":rfc2544" : "";
// Use JSON.stringify to encode the full policy object, ensuring future fields are automatically included
const ssrfPolicySuffix = params.ssrfPolicy ? `:${JSON.stringify(params.ssrfPolicy)}` : "";
const cacheKey = normalizeCacheKey(
`fetch:${params.url}:${params.extractMode}:${params.maxChars}${ssrfPolicySuffix}`,
);