vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-14 18:51:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
28,927 Commits 1,286 Branches 108 Tags
a51488c13ca4c19265fc454dc4f1df241cfadbfd
Commit Graph

14 Commits

Author SHA1 Message Date
openperf
c857e93735 fix(gateway): auto-bind to 0.0.0.0 inside container environments 2026-04-06 14:02:20 +01:00
Vincent Koc
1738d540f4 fix(gateway/auth): local trusted-proxy fallback to require token auth (#54536) 
* fix(auth): improve local request and trusted proxy handling

* fix(gateway): require token for local trusted-proxy fallback

* docs(changelog): credit trusted-proxy auth fix

* Update src/gateway/auth.ts

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* fix(gateway): fail closed on forwarded local detection

* docs(gateway): clarify fail-closed local detection

* fix(gateway): harden trusted-proxy local fallback

* fix(gateway): align trusted-proxy loopback validation

* Update CHANGELOG.md

---------

Co-authored-by: “zhangning” <zhangning.2025@bytedance.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-29 17:05:00 +09:00
Peter Steinberger
60d308cff0 test: fix CI type regressions 2026-03-13 19:53:40 +00:00
Peter Steinberger
1f85c9af68 test: simplify runtime config coverage 2026-03-13 18:00:03 +00:00
Peter Steinberger
223d7dc23d feat(gateway)!: require explicit non-loopback control-ui origins 2026-02-24 01:57:11 +00:00
Peter Steinberger
9af3ec92a5 fix(gateway): add HSTS header hardening and docs 2026-02-23 19:47:29 +00:00
tyler
9b23e5ce1f test: fix flaky auth tests when OPENCLAW_GATEWAY_TOKEN is present 2026-02-22 15:17:37 +01:00
Peter Steinberger
b109fa53ea refactor(core): dedupe gateway runtime and config tests 2026-02-22 07:44:57 +00:00
Peter Steinberger
d748657265 test(gateway): table-drive runtime config validation matrix 2026-02-21 23:29:29 +00:00
Mariano
094dbdaf2b fix(gateway): require loopback proxy IP for trusted-proxy + bind=loopback (#22082) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 6ff3ca9b5d
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:03:53 +00:00
Xinhua Gu
9c5249714d fix(gateway): trusted-proxy auth rejected when bind=loopback (#20097) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8de62f1a8f
Co-authored-by: xinhuagu <562450+xinhuagu@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:51:35 +00:00
Peter Steinberger
08a7967936 fix(security): fail closed on gateway bind fallback and tighten canvas IP fallback 2026-02-19 14:38:55 +01:00
Gustavo Madeira Santana
c5698caca3 Security: default gateway auth bootstrap and explicit mode none (#20686) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: be1b73182c
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-19 02:35:50 -05:00
Nick Taylor
1fb52b4d7b feat(gateway): add trusted-proxy auth mode (#15940) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 279d4b304f
Co-authored-by: nickytonline <833231+nickytonline@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-14 12:32:17 +01:00