vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-02 21:35:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: validate debug proxy connect ports

Browse Source
This commit is contained in:
Peter Steinberger
2026-05-28 15:44:16 -04:00
parent 483b06fb86
commit 04a6fd7fde
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/proxy-capture/proxy-server.test.ts
View File

@@ -18,5 +18,7 @@ describe("parseConnectTarget", () => {
it("rejects invalid CONNECT ports", () => {
expect(() => parseConnectTarget("[::1]:99999")).toThrow("Invalid CONNECT target port");
expect(() => parseConnectTarget("api.openai.com:1e3")).toThrow("Invalid CONNECT target port");
expect(() => parseConnectTarget("api.openai.com:0x50")).toThrow("Invalid CONNECT target port");
});
});

3
src/proxy-capture/proxy-server.ts
View File

@@ -64,6 +64,9 @@ export function parseConnectTarget(rawTarget: string | undefined): {
}
const hostname = trimmed.slice(0, lastColon).trim() || "127.0.0.1";
const portText = trimmed.slice(lastColon + 1).trim();
if (!/^\d+$/.test(portText)) {
throw new Error("Invalid CONNECT target port");
}
const port = Number(portText);
if (!Number.isInteger(port) || port < 1 || port > 65535) {
throw new Error("Invalid CONNECT target port");