mirror of
https://github.com/openclaw/openclaw.git
synced 2026-04-20 13:41:30 +00:00
fix(exec): clarify auto routing semantics (#58897) (thanks @vincentkoc)
This commit is contained in:
@@ -221,6 +221,9 @@ export function isRequestedExecTargetAllowed(params: {
|
||||
configuredTarget: ExecTarget;
|
||||
requestedTarget: ExecTarget;
|
||||
}) {
|
||||
// `auto` is a routing strategy, not a wildcard allowlist. Keep per-call host
|
||||
// selection pinned to the configured/session-selected target so a sandboxed
|
||||
// session cannot silently hop to gateway or node.
|
||||
return params.requestedTarget === params.configuredTarget;
|
||||
}
|
||||
|
||||
@@ -253,6 +256,9 @@ export function resolveExecTarget(params: {
|
||||
);
|
||||
}
|
||||
const selectedTarget = requestedTarget ?? configuredTarget;
|
||||
// `auto` preserves the no-config "just work" default: sandbox when available,
|
||||
// otherwise gateway. The YOLO part comes from security/ask defaults, not from
|
||||
// `auto` itself.
|
||||
const effectiveHost =
|
||||
selectedTarget === "auto" ? (params.sandboxAvailable ? "sandbox" : "gateway") : selectedTarget;
|
||||
return {
|
||||
|
||||
Reference in New Issue
Block a user