fix(diagnostics): harden capture redaction and discord metadata fetch (#71303)

src/proxy-capture/runtime.ts

@@ -15,6 +15,29 @@ import type {
 } from "./types.js";
 
 const DEBUG_PROXY_FETCH_PATCH_KEY = Symbol.for("openclaw.debugProxy.fetchPatch");
+const REDACTED_CAPTURE_HEADER_VALUE = "[REDACTED]";
+const SENSITIVE_CAPTURE_HEADER_NAMES = new Set([
+  "authorization",
+  "proxy-authorization",
+  "cookie",
+  "set-cookie",
+  "x-api-key",
+  "api-key",
+  "apikey",
+  "x-auth-token",
+  "auth-token",
+  "x-access-token",
+  "access-token",
+]);
+const SENSITIVE_CAPTURE_HEADER_NAME_FRAGMENTS = [
+  "api-key",
+  "apikey",
+  "token",
+  "secret",
+  "password",
+  "credential",
+  "session",
+];
 
 type GlobalFetchPatchedState = {
   originalFetch: typeof globalThis.fetch;
@@ -55,6 +78,32 @@ function resolveUrlString(input: RequestInfo | URL): string | null {
   return null;
 }
 
+function isSensitiveCaptureHeaderName(name: string): boolean {
+  const normalized = name.trim().toLowerCase();
+  if (!normalized) {
+    return false;
+  }
+  if (SENSITIVE_CAPTURE_HEADER_NAMES.has(normalized)) {
+    return true;
+  }
+  return SENSITIVE_CAPTURE_HEADER_NAME_FRAGMENTS.some((fragment) => normalized.includes(fragment));
+}
+
+function redactedCaptureHeaders(
+  headers: Headers | Record<string, string> | undefined,
+): Record<string, string> | undefined {
+  if (!headers) {
+    return undefined;
+  }
+  const entries =
+    headers instanceof Headers ? Array.from(headers.entries()) : Object.entries(headers);
+  const redacted: Record<string, string> = {};
+  for (const [name, value] of entries) {
+    redacted[name] = isSensitiveCaptureHeaderName(name) ? REDACTED_CAPTURE_HEADER_VALUE : value;
+  }
+  return redacted;
+}
+
 function createHttpCaptureEventBase(params: {
   settings: DebugProxySettings;
   rawUrl: string;
@@ -237,11 +286,7 @@ export function captureHttpExchange(params: {
       params.requestHeaders instanceof Headers
         ? (params.requestHeaders.get("content-type") ?? undefined)
         : params.requestHeaders?.["content-type"],
-    headersJson: safeJsonString(
-      params.requestHeaders instanceof Headers
-        ? Object.fromEntries(params.requestHeaders.entries())
-        : params.requestHeaders,
-    ),
+    headersJson: safeJsonString(redactedCaptureHeaders(params.requestHeaders)),
     metaJson: safeJsonString(params.meta),
     ...requestPayload,
   });
@@ -268,7 +313,7 @@ export function captureHttpExchange(params: {
           : undefined,
       headersJson:
         params.response.headers && typeof params.response.headers.entries === "function"
-          ? safeJsonString(Object.fromEntries(params.response.headers.entries()))
+          ? safeJsonString(redactedCaptureHeaders(params.response.headers))
           : undefined,
       metaJson: safeJsonString({ ...params.meta, bodyCapture: "unavailable" }),
     });
@@ -295,7 +340,7 @@ export function captureHttpExchange(params: {
         }),
         status: params.response.status,
         contentType: params.response.headers.get("content-type") ?? undefined,
-        headersJson: safeJsonString(Object.fromEntries(params.response.headers.entries())),
+        headersJson: safeJsonString(redactedCaptureHeaders(params.response.headers)),
         metaJson: safeJsonString(params.meta),
         ...responsePayload,
       });