mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-09 07:03:57 +00:00
Fix UTF-16-safe audit context truncation (#101298)
This commit is contained in:
@@ -637,6 +637,23 @@ describe("fetchWithTimeoutGuarded", () => {
|
||||
expect(call.timeoutMs).toBe(5000);
|
||||
});
|
||||
|
||||
it("truncates auditContext without leaving a lone surrogate at the max boundary", async () => {
|
||||
fetchWithSsrFGuardMock.mockResolvedValue({
|
||||
response: new Response(null, { status: 200 }),
|
||||
finalUrl: "https://example.com",
|
||||
release: async () => {},
|
||||
});
|
||||
|
||||
const prefix = "a".repeat(79);
|
||||
await fetchWithTimeoutGuarded("https://example.com", {}, 5000, fetch, {
|
||||
auditContext: `${prefix}${String.fromCodePoint(0x1f600)}tail`,
|
||||
});
|
||||
|
||||
const call = getFirstGuardedFetchCall();
|
||||
expect(call.auditContext).toBe(prefix);
|
||||
expect(call.auditContext).not.toContain(String.fromCharCode(0xd83d));
|
||||
});
|
||||
|
||||
it("passes configured explicit proxy policy through the SSRF guard", async () => {
|
||||
fetchWithSsrFGuardMock.mockResolvedValue({
|
||||
response: new Response(null, { status: 200 }),
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
// Shared provider HTTP/audio helpers for media-understanding integrations,
|
||||
// including guarded fetches, deadlines, retries, and multipart upload bodies.
|
||||
import path from "node:path";
|
||||
import { truncateUtf16Safe } from "@openclaw/normalization-core/utf16-slice";
|
||||
import {
|
||||
assertOkOrThrowHttpError,
|
||||
createProviderHttpError,
|
||||
@@ -321,7 +322,7 @@ function sanitizeAuditContext(auditContext: string | undefined): string | undefi
|
||||
if (!cleaned) {
|
||||
return undefined;
|
||||
}
|
||||
return cleaned.slice(0, MAX_AUDIT_CONTEXT_CHARS);
|
||||
return truncateUtf16Safe(cleaned, MAX_AUDIT_CONTEXT_CHARS);
|
||||
}
|
||||
|
||||
type ResolvedProviderHttpRequestConfig = {
|
||||
|
||||
Reference in New Issue
Block a user