fix: redact sensitive query params in invalid URL error reasons

Extends the invalid-URL redaction to also scrub sensitive query parameters
(token, api_key, secret, access_token, etc.) using the same param list as
the valid-URL description path. Adds tests for both query param and
credential redaction in error reasons.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
dhananjai1729
2026-03-25 22:44:54 +05:30
committed by Peter Steinberger
parent 4e03d899b3
commit 2c6eb127d9
2 changed files with 31 additions and 2 deletions


@@ -94,6 +94,30 @@ describe("resolveSseMcpServerLaunchConfig", () => {
}
});
it("redacts sensitive query params in invalid URL errors", () => {
const result = resolveSseMcpServerLaunchConfig({
url: "mcp.example.com/sse?token=secret123&api_key=key456",
});
expect(result.ok).toBe(false);
if (!result.ok) {
expect(result.reason).toContain("token=***");
expect(result.reason).toContain("api_key=***");
expect(result.reason).not.toContain("secret123");
expect(result.reason).not.toContain("key456");
}
});
it("redacts embedded credentials in invalid URL errors", () => {
const result = resolveSseMcpServerLaunchConfig({
url: "//user:pass@mcp.example.com/sse",
});
expect(result.ok).toBe(false);
if (!result.ok) {
expect(result.reason).toContain("***:***@");
expect(result.reason).not.toContain("user:pass");
}
});
it("rejects non-http protocols", () => {
const result = resolveSseMcpServerLaunchConfig({ url: "ftp://example.com/sse" });
expect(result.ok).toBe(false);
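Review bot: Both new cases pin only the simplest shape of each redaction, so the case-insensitive matching and the limits of the patterns in the implementation go untested. A case with a mixed-case name next to a non-sensitive parameter would cover both, for example the constructed url `"mcp.example.com/sse?page=2&Token=secret123"` with `expect(result.reason).toContain("page=2");` and `expect(result.reason).not.toContain("secret123");`. A credential case whose password contains a raw `@` is also worth adding, because the userinfo pattern stops at the first `@`. The enclosing `describe` block starts outside the hunk, and the last `it` is cut off at its end.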


@@ -51,8 +51,13 @@ export function resolveSseMcpServerLaunchConfig(
try {
parsed = new URL(url);
} catch {
// Redact potential credentials from the invalid URL before including in reason.
const redactedUrl = url.replace(/\/\/([^@]+)@/, "//***:***@");
// Redact potential credentials and sensitive query params from the invalid URL.
const redactedUrl = url
.replace(/\/\/([^@]+)@/, "//***:***@")
.replace(
/([?&])(token|key|api_key|apikey|secret|access_token|password|pass|auth|client_secret|refresh_token)=([^&]*)/gi,
"$1$2=***",
);
return { ok: false, reason: `its url is not a valid URL: ${redactedUrl}` };
}
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
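Review bot: The userinfo pattern kept in the new chain, `.replace(/\/\/([^@]+)@/, "//***:***@")`, stops at the first `@`, so a password that itself contains an unescaped `@` is only partly masked; for a constructed input such as `//user:p@ss@host/sse` the reason would still carry `ss@host`. Matching greedily inside the authority closes that gap and keeps the pattern from reaching into the path or query: `.replace(/\/\/[^/?#]*@/, "//***:***@")`. The query pattern only matches after `?` or `&` and only for listed names, so a value in the fragment (`#access_token=…`) or under an unlisted name stays in the reason. Since the string did not parse anyway, dropping everything from the first `?` or `#` may be the safer default. The function body starts and ends outside the hunk.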