fix(gateway): harden plugin HTTP route auth

Peter Steinberger
2026-03-07 19:54:53 +00:00
parent cf290e31bd
commit ac86deccee
11 changed files with 270 additions and 7 deletions

@@ -141,6 +141,7 @@ Notes:
- `api.registerHttpHandler(...)` is obsolete. Use `api.registerHttpRoute(...)`.
- Plugin routes must declare `auth` explicitly.
- Exact `path + match` conflicts are rejected unless `replaceExisting: true`, and one plugin cannot replace another plugin's route.
- Overlapping routes with different `auth` levels are rejected. Keep `exact`/`prefix` fallthrough chains on the same auth level only.
## Plugin SDK import paths
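Review bot: The bullet on overlapping routes with different `auth` levels does not say what counts as "overlapping" or how the rejection is surfaced, so a plugin author cannot tell from this text which registrations will fail. Suggest stating the overlap rule concretely (for example, whether a `prefix` route that covers another route's `exact` path is the case meant), pointing to where the allowed `auth` values are listed, and saying whether `replaceExisting: true` has any effect on this check, since the preceding bullet describes that flag for exact `path + match` conflicts only. It would also help to say whether the same-plugin and cross-plugin cases are treated alike here, as the preceding bullet distinguishes them.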