Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openclaw/src
History
C.J. Winslow 58f7b7638a
Security: add per-wrapper IDs to untrusted-content markers (#19009) 
Fixes #10927

Adds unique per-wrapper IDs to external-content boundary markers to
prevent spoofing attacks where malicious content could inject fake
marker boundaries.

- Generate random 16-char hex ID per wrap operation
- Start/end markers share the same ID for pairing
- Sanitizer strips markers with or without IDs (handles legacy + spoofed)
- Added test for attacker-injected markers with fake IDs

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-02-21 01:16:02 -05:00
..
acp
fix(ci): normalize path assertions across platforms
2026-02-19 15:28:14 +00:00
agents
Security: add per-wrapper IDs to untrusted-content markers (#19009)
2026-02-21 01:16:02 -05:00
auto-reply
TUI: strip only leading inbound metadata (#22461)
2026-02-21 01:13:02 -05:00
browser
fix(browser): block upload symlink escapes (#21972)
2026-02-20 16:36:25 +00:00
canvas-host
fix(gateway): harden canvas auth with session capabilities
2026-02-19 15:51:22 +01:00
channels
chore: fix formatting on CI-drift files (#22391)
2026-02-20 22:40:30 -05:00
cli
CLI: default pairing channel for pairing commands
2026-02-20 19:59:54 -08:00
commands
Hooks: persist session memory on /reset
2026-02-20 20:19:29 -08:00
compat
config
feat(discord): add configurable ephemeral option for slash commands
2026-02-20 21:19:21 -06:00
cron
fix(cron): honor maxConcurrentRuns in timer loop (openclaw#22413) thanks @Takhoffman
2026-02-20 22:31:58 -06:00
daemon
Daemon: harden systemd unit env rendering
2026-02-20 12:51:14 -06:00
discord
fix(tui): strip inbound metadata blocks from user messages (clean rewrite) (#22345)
2026-02-20 23:52:43 -05:00
docs
gateway
test: correct trusted proxy X-Forwarded-For expectation
2026-02-21 00:48:22 -05:00
hooks
Hooks: persist session memory on /reset
2026-02-20 20:19:29 -08:00
imessage
style: format files and fix safe-bins e2e typing
2026-02-19 14:26:12 +01:00
infra
fix(gateway): clear pairing state on device token mismatch (#22071)
2026-02-20 18:21:13 +00:00
line
test: dedupe and optimize test suites
2026-02-19 15:19:38 +00:00
link-understanding
fix: block ISATAP SSRF bypass via shared host/ip guard
2026-02-19 09:59:47 +01:00
logging
fix(ui): unblock docker onboarding build
2026-02-19 16:32:33 +01:00
macos
refactor: unify restart gating and update availability sync
2026-02-19 10:00:41 +01:00
markdown
fix(security): use YAML core schema to prevent type coercion (#20857)
2026-02-19 03:15:36 -08:00
media
Security: harden tool media paths
2026-02-20 13:32:49 -06:00
media-understanding
fix(tui): strip inbound metadata blocks from user messages (clean rewrite) (#22345)
2026-02-20 23:52:43 -05:00
memory
fix(tui): strip inbound metadata blocks from user messages (clean rewrite) (#22345)
2026-02-20 23:52:43 -05:00
node-host
refactor(exec): split host flows and harden safe-bin trust
2026-02-19 14:22:01 +01:00
pairing
fix(cron/whatsapp): route implicit delivery to allowlisted recipients (openclaw#21533) thanks @Takhoffman
2026-02-19 20:33:37 -06:00
plugin-sdk
test: cover plugin status helper branches
2026-02-19 15:09:19 +00:00
plugins
test: dedupe and optimize test suites
2026-02-19 15:19:38 +00:00
process
test: dedupe and optimize test suites
2026-02-19 15:19:38 +00:00
providers
Add Claude Sonnet 4.6 and 4.5 to GitHub Copilot model catalog (openclaw#20270) thanks @Clawborn
2026-02-19 21:54:52 -06:00
routing
refactor(test): dedupe agent harnesses and routing fixtures
2026-02-18 04:49:22 +00:00
scripts
security
Security: add per-wrapper IDs to untrusted-content markers (#19009)
2026-02-21 01:16:02 -05:00
sessions
fix(auth/session): preserve override reset behavior and repair oauth profile-id drift (openclaw#18820) thanks @Glucksberg
2026-02-19 21:16:26 -06:00
shared
fix(tui): strip inbound metadata blocks from user messages (clean rewrite) (#22345)
2026-02-20 23:52:43 -05:00
signal
refactor(signal): reuse shared reaction types
2026-02-18 23:34:15 +00:00
slack
fix(slack): pass recipient_team_id to streaming API calls (#20988)
2026-02-19 14:44:34 -08:00
telegram
fix: preselect Telegram-supported status reaction variants (#22380)
2026-02-21 09:20:20 +05:30
terminal
refactor(cli): share styled select prompt helper
2026-02-18 17:48:02 +00:00
test-helpers
test-utils
fix(ci): normalize path assertions across platforms
2026-02-19 15:28:14 +00:00
tts
Security: harden tool media paths
2026-02-20 13:32:49 -06:00
tui
TUI: strip only leading inbound metadata (#22461)
2026-02-21 01:13:02 -05:00
types
utils
test: dedupe and optimize test suites
2026-02-19 15:19:38 +00:00
web
test: isolate local media regression fixtures to allowed roots (#22369)
2026-02-20 21:50:50 -05:00
whatsapp
test: dedupe line and whatsapp target resolution tests
2026-02-18 05:31:13 +00:00
wizard
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
channel-web.ts
docker-image-digests.test.ts
fix(docker): pin base images to SHA256 digests (#7734)
2026-02-19 12:42:07 -08:00
docker-setup.test.ts
fix(docker): harden docker-setup mount validation
2026-02-19 10:44:46 +01:00
dockerfile.test.ts
test(docker): cover browser install build arg
2026-02-16 22:35:27 -05:00
entry.ts
extensionAPI.ts
globals.ts
index.ts
logger.test.ts
test: merge logger subsystem prefix drop cases
2026-02-19 08:49:52 +00:00
logger.ts
logging.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
polls.test.ts
test: table-drive poll duration clamp cases
2026-02-18 23:27:50 +00:00
polls.ts
runtime.ts
chore: chore: Fix types in tests 12/N.
2026-02-17 11:22:49 +09:00
utils.test.ts
utils.ts
refactor: share plain object guard across config and utils
2026-02-19 14:27:36 +00:00
version.test.ts
refactor: centralize presence routing and version precedence coverage (#19609)
2026-02-18 00:02:51 -05:00
version.ts
refactor: centralize presence routing and version precedence coverage (#19609)
2026-02-18 00:02:51 -05:00