Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 17d6e62fe5b34b1c635f01f51011f5d84243ca7c into 5e417b44e1540f528d2ae63e3e20229a902d1db2

Browse Source
This commit is contained in:
forever 2026-03-21 10:24:46 +08:00 committed by GitHub
commit 3d9818a51f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/gateway/probe.test.ts
View File

@ -71,6 +71,16 @@ describe("probeGateway", () => {
expect(gatewayClientState.options?.deviceIdentity).toBeUndefined();
});
it("keeps device identity enabled for authenticated loopback probes with empty auth object", async () => {
await probeGateway({
url: "ws://127.0.0.1:18789",
auth: {},
timeoutMs: 1_000,
});
expect(gatewayClientState.options?.deviceIdentity).toBeUndefined();
});
it("keeps device identity disabled for unauthenticated loopback probes", async () => {
await probeGateway({
url: "ws://127.0.0.1:18789",

2
src/gateway/probe.ts
View File

@ -47,7 +47,7 @@ export async function probeGateway(opts: {
const hostname = new URL(opts.url).hostname;
// Local authenticated probes should stay device-bound so read/detail RPCs
// are not scope-limited by the shared-auth scope stripping hardening.
return isLoopbackHost(hostname) && !(opts.auth?.token || opts.auth?.password);
return isLoopbackHost(hostname) && opts.auth === undefined; // Preserves device identity for empty but present auth objects (e.g. {})
} catch {
return false;
}