vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 15:00:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: add CHANGELOG entry for cdpUrl config redaction fix

Browse Source
This commit is contained in:
Ziy1-Tan
2026-04-16 20:57:14 +08:00
committed by Mason Huang
parent 25106f1b35
commit 6aec76ffd6
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -61,6 +61,7 @@ Docs: https://docs.openclaw.ai
### Fixes
- Config/redaction: redact credentials embedded in `browser.cdpUrl` and `browser.profiles.*.cdpUrl` config paths so query tokens and HTTP Basic auth userinfo are no longer returned in plaintext by `config.get` responses. (#67656) Thanks @Ziy1-Tan.
- Gateway/tools: anchor trusted local `MEDIA:` tool-result passthrough on the exact raw name of this run's registered built-in tools, and reject client tool definitions whose names normalize-collide with a built-in or with another client tool in the same request (`400 invalid_request_error` on both JSON and SSE paths), so a client-supplied tool named like a built-in can no longer inherit its local-media trust. (#67303)
- Agents/replay recovery: classify the provider wording `401 input item ID does not belong to this connection` as replay-invalid, so users get the existing `/new` session reset guidance instead of a raw 401-style failure. (#66475) Thanks @dallylee.
- Gateway/webchat: enforce localRoots containment on webchat audio embedding path [AI-assisted]. (#67298) Thanks @pgondhi987.