vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-01 14:50:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(browser): land PR #26015 query-token auth for /json relay routes

Browse Source 
Align relay HTTP /json auth with websocket auth by accepting query-param tokens, add regression coverage, and update changelog.
Landed from contributor @Sid-Qin (PR #26015).

Co-authored-by: SidQin-cyber <sidqin0410@gmail.com>
This commit is contained in:
Peter Steinberger
2026-02-26 14:17:31 +00:00
parent 77a3930b72
commit 42cf32c386
3 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/browser/extension-relay.test.ts
View File

@@ -332,6 +332,19 @@ describe("chrome extension relay server", () => {
ext.close();
});
it("accepts /json endpoints with relay token query param", async () => {
const port = await getFreePort();
cdpUrl = `http://127.0.0.1:${port}`;
await ensureChromeExtensionRelayServer({ cdpUrl });
const token = relayAuthHeaders(cdpUrl)["x-openclaw-relay-token"];
expect(token).toBeTruthy();
const versionRes = await fetch(
`${cdpUrl}/json/version?token=${encodeURIComponent(String(token))}`,
);
expect(versionRes.status).toBe(200);
});
it("accepts raw gateway token for relay auth compatibility", async () => {
const port = await getFreePort();
cdpUrl = `http://127.0.0.1:${port}`;

2
src/browser/extension-relay.ts
View File

@@ -399,7 +399,7 @@ export async function ensureChromeExtensionRelayServer(opts: {
}
if (path.startsWith("/json")) {
const token = getHeader(req, RELAY_AUTH_HEADER)?.trim();
const token = getRelayAuthTokenFromRequest(req, url);
if (!token || !relayAuthTokens.has(token)) {
res.writeHead(401);
res.end("Unauthorized");