vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-05 22:00:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(security): make empty allowlist behavior explicit

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-21 19:54:52 +01:00
parent ed960ba4eb
commit 2ba6de7eaa
3 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
extensions/bluebubbles/src/targets.test.ts
View File

@@ -1,5 +1,6 @@
import { describe, expect, it } from "vitest";
import {
isAllowedBlueBubblesSender,
looksLikeBlueBubblesTargetId,
normalizeBlueBubblesMessagingTarget,
parseBlueBubblesTarget,
@@ -181,3 +182,21 @@ describe("parseBlueBubblesAllowTarget", () => {
});
});
});
describe("isAllowedBlueBubblesSender", () => {
it("denies when allowFrom is empty", () => {
const allowed = isAllowedBlueBubblesSender({
allowFrom: [],
sender: "+15551234567",
});
expect(allowed).toBe(false);
});
it("allows wildcard entries", () => {
const allowed = isAllowedBlueBubblesSender({
allowFrom: ["*"],
sender: "+15551234567",
});
expect(allowed).toBe(true);
});
});