vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-17 13:00:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,104 Commits 770 Branches 80 Tags
vincentkoc-code/proxy-pairing-guards
Commit Graph

8 Commits

Author SHA1 Message Date
Peter Steinberger
6a80e9db05 fix(browser): harden writable output paths 2026-03-01 23:25:13 +00:00
YuzuruS
f5c2be1910 fix: distinguish outside-workspace errors from not-found in fs-safe 
When editing a file outside the workspace root, SafeOpenError previously
used the "invalid-path" code with the message "path escapes root". This
was indistinguishable from other invalid-path errors (hardlinks, symlinks,
non-files) and consumers often fell back to a generic "not found" message,
which was misleading.

Add a new "outside-workspace" error code with the message "file is outside
workspace root" so consumers can surface a clear, accurate error message.

- fs-safe.ts: add "outside-workspace" to SafeOpenErrorCode, use it for
  all path-escapes-root checks in openFileWithinRoot/writeFileWithinRoot
- pi-tools.read.ts: map "outside-workspace" to EACCES instead of rethrowing
- browser/paths.ts: return specific "File is outside {scopeLabel}" message
- media/server.ts: return 400 with descriptive message for outside-workspace
- fs-safe.test.ts: update traversal test expectations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-28 18:08:10 +05:30
Peter Steinberger
f41715a18f refactor(browser): split act route modules and dedupe path guards 2026-02-26 01:21:34 +01:00
Peter Steinberger
496a76c03b fix(security): harden browser trace/download temp path handling 2026-02-26 01:04:05 +01:00
Peter Steinberger
ef326f5cd0 fix(browser): revalidate upload paths at use time 2026-02-26 00:40:56 +01:00
Vignesh Natarajan
54e5f80424 Browser: accept canonical upload paths for symlinked roots 2026-02-21 21:54:57 -08:00
Mariano
8e4f6c0384 fix(browser): block upload symlink escapes (#21972) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 4381ef9a4d
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:36:25 +00:00
Peter Steinberger
3aa94afcfd fix(security): harden archive extraction (#16203) 
* fix(browser): confine upload paths for file chooser

* fix(browser): sanitize suggested download filenames

* chore(lint): avoid control regex in download sanitizer

* test(browser): cover absolute escape paths

* docs(browser): update upload example path

* refactor(browser): centralize upload path confinement

* fix(infra): harden tmp dir selection

* fix(security): harden archive extraction

* fix(infra): harden tar extraction filter
 2026-02-14 14:42:08 +01:00